CVE-2023-42961
published 2025-04-11CVE-2023-42961: A path handling issue was addressed with improved validation. This issue is fixed in iOS 17 and iPadOS 17, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14, macOS…
medium6.3CVSS 3.1
AVNACLPRLUINSUCLILAL
A path handling issue was addressed with improved validation. This issue is fixed in iOS 17 and iPadOS 17, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14, macOS Ventura 13.6, macOS Monterey 12.7. A sandboxed process may be able to circumvent sandbox restrictions.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_16.7_and_ipados | — | — |
| apple | ios_17_and_ipados | — | — |
| apple | ios_and_ipados | >= unspecified < 17 | 17 |
| apple | ios_and_ipados | >= unspecified < 16.7 | 16.7 |
| apple | ipados | < 16.7 | 16.7 |
| apple | iphone_os | < 16.7 | 16.7 |
| apple | macos | >= 12.0 < 12.7 | 12.7 |
| apple | macos | >= 13.0 < 13.6 | 13.6 |
| apple | macos | >= unspecified < 14 | 14 |
| apple | macos | >= unspecified < 13.6 | 13.6 |
| apple | macos | >= unspecified < 12.7 | 12.7 |
| apple | macos_monterey | — | — |
| apple | macos_sonoma | — | — |
| apple | macos_ventura | — | — |
Apple
CVE-2023-42961: macOS Sonoma 14
vendor_apple·2023-09-26·CVSS 6.3
CVE-2023-42961 [MEDIUM] CVE-2023-42961: macOS Sonoma 14
Apple Security Update: About the security content of macOS Sonoma 14
Product: macOS Sonoma
Version: 14
CVE: CVE-2023-42961
Component: Intents
Impact: A sandboxed process may be able to circumvent sandbox restrictions
Description: A path handling issue was addressed with improved validation.
Apple
CVE-2023-42961: macOS Ventura 13.6
vendor_apple·2023-09-21·CVSS 6.3
CVE-2023-42961 [MEDIUM] CVE-2023-42961: macOS Ventura 13.6
Apple Security Update: About the security content of macOS Ventura 13.6
Product: macOS Ventura
Version: 13.6
CVE: CVE-2023-42961
Component: Intents
Impact: A sandboxed process may be able to circumvent sandbox restrictions
Description: A path handling issue was addressed with improved validation.
Apple
CVE-2023-42961: iOS 16.7 and iPadOS 16.7
vendor_apple·2023-09-21·CVSS 6.3
CVE-2023-42961 [MEDIUM] CVE-2023-42961: iOS 16.7 and iPadOS 16.7
Apple Security Update: About the security content of iOS 16.7 and iPadOS 16.7
Product: iOS 16.7 and iPadOS
Version: 16.7
CVE: CVE-2023-42961
Component: Intents
Impact: A sandboxed process may be able to circumvent sandbox restrictions
Description: A path handling issue was addressed with improved validation.
Apple
CVE-2023-42961: macOS Monterey 12.7
vendor_apple·2023-09-21·CVSS 6.3
CVE-2023-42961 [MEDIUM] CVE-2023-42961: macOS Monterey 12.7
Apple Security Update: About the security content of macOS Monterey 12.7
Product: macOS Monterey
Version: 12.7
CVE: CVE-2023-42961
Component: Intents
Impact: A sandboxed process may be able to circumvent sandbox restrictions
Description: A path handling issue was addressed with improved validation.
Apple
CVE-2023-42961: iOS 17 and iPadOS 17
vendor_apple·2023-09-18·CVSS 6.3
CVE-2023-42961 [MEDIUM] CVE-2023-42961: iOS 17 and iPadOS 17
Apple Security Update: About the security content of iOS 17 and iPadOS 17
Product: iOS 17 and iPadOS
Version: 17
CVE: CVE-2023-42961
Component: Intents
Impact: A sandboxed process may be able to circumvent sandbox restrictions
Description: A path handling issue was addressed with improved validation.
GHSA
GHSA-cg4r-9g44-qvw4: A path handling issue was addressed with improved validation
ghsa_unreviewed·2025-04-11
CVE-2023-42961 [MEDIUM] CWE-22 GHSA-cg4r-9g44-qvw4: A path handling issue was addressed with improved validation
A path handling issue was addressed with improved validation. This issue is fixed in iOS 17 and iPadOS 17, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14, macOS Ventura 13.6, macOS Monterey 12.7. A sandboxed process may be able to circumvent sandbox restrictions.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-04-11
Published