cbcvebase.
CVE-2023-40403
published 2023-09-27

CVE-2023-40403: The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7…

PriorityP433medium6.5CVSS 3.1
AVNACLPRNUIRSUCHINAN
EPSS
1.09%
61.3th percentile
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may disclose sensitive information.

Affected

25 ranges
VendorProductVersion rangeFixed in
appleios_16.7_and_ipados
appleios_17_and_ipados
appleios_and_ipados>= unspecified < 1717
appleios_and_ipados>= unspecified < 16.716.7
appleipados< 16.716.7
appleiphone_os< 16.716.7
applemacos>= 12.0.0 < 12.712.7
applemacos>= 13.0 < 13.613.6
applemacos>= unspecified < 12.712.7
applemacos>= unspecified < 13.613.6
applemacos>= unspecified < 1414
applemacos_monterey
applemacos_sonoma
applemacos_ventura
appletvos< 17.017.0
appletvos
appletvos>= unspecified < 1717
applewatchos< 10.010.0
applewatchos
applewatchos>= unspecified < 1010
debianlibxslt< libxslt 1.1.35-1+deb12u2 (bookworm)libxslt 1.1.35-1+deb12u2 (bookworm)
xmlsoftlibxslt>= 0 < 1.1.34-4+deb11u31.1.34-4+deb11u3
xmlsoftlibxslt>= 0 < 1.1.35-1+deb12u21.1.35-1+deb12u2
xmlsoftlibxslt>= 0 < 1.1.35-1.2+deb13u11.1.35-1.2+deb13u1
xmlsoftlibxslt>= 0 < 1.1.35-21.1.35-2

CVSS provenance

nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
osv6.5MEDIUM
vendor_debian6.5MEDIUM
vendor_redhat6.3MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.