CVE-2023-32370
published 2023-09-06CVE-2023-32370: A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3. Content Security Policy to block domains with wildcards may…
medium5.3CVSS 3.1
AVNACLPRNUINSUCNILAN
A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3. Content Security Policy to block domains with wildcards may fail.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_16.4_and_ipados | — | — |
| apple | macos | >= 13.0 < 13.3 | 13.3 |
| apple | macos | >= unspecified < 13.3 | 13.3 |
| apple | macos_ventura | — | — |
| apple | safari | — | — |
| debian | webkit2gtk | < webkit2gtk 2.40.1-1 (bookworm) | webkit2gtk 2.40.1-1 (bookworm) |
| debian | wpewebkit | < webkit2gtk 2.40.1-1 (bookworm) | webkit2gtk 2.40.1-1 (bookworm) |
| webkitgtk | webkitgtk | < 2.40.1 | 2.40.1 |
| wpewebkit | wpe_webkit | < 2.40.1 | 2.40.1 |
CVSS provenance
nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
osv5.3MEDIUM