COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2023-28204

CVE-2023-28204

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2023-05-22
Reference
https://nvd.nist.gov/vuln/detail/CVE-2023-28204
⌖ exploited in the wild shame 50/100 exploited-in-wild

Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an out-of-bounds read vulnerability that may disclose sensitive information when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited

Players implicated

apple · vendorMultiple Products · product

Description

Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an out-of-bounds read vulnerability that may disclose sensitive information when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.