cbcvebase.
CVE-2023-38592
published 2023-07-28

CVE-2023-38592: A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16.6 and iPadOS 16.6, watchOS 9.6, tvOS 16.6, macOS Ventura 13.5. Processing…

PriorityP351high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EPSS
1.10%
61.6th percentile
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16.6 and iPadOS 16.6, watchOS 9.6, tvOS 16.6, macOS Ventura 13.5. Processing web content may lead to arbitrary code execution.

Affected

16 ranges
VendorProductVersion rangeFixed in
appleios_16.6_and_ipados
appleios_and_ipados>= unspecified < 16.616.6
appleipados>= 16.0 < 16.616.6
appleiphone_os>= 16.0 < 16.616.6
applemacos>= 13.0 < 13.513.5
applemacos>= unspecified < 13.513.5
applemacos_ventura
applesafari
appletvos< 16.616.6
appletvos
appletvos>= unspecified < 16.616.6
applewatchos< 9.69.6
applewatchos
applewatchos>= unspecified < 9.69.6
debianwebkit2gtk< webkit2gtk 2.40.5-1~deb12u1 (bookworm)webkit2gtk 2.40.5-1~deb12u1 (bookworm)
debianwpewebkit< webkit2gtk 2.40.5-1~deb12u1 (bookworm)webkit2gtk 2.40.5-1~deb12u1 (bookworm)

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv8.8HIGH
vendor_debian8.8HIGH
vendor_redhat8.8HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.