cve-2023-32372
Vulnerability from cvelistv5
Published
2023-06-23 00:00
Modified
2024-08-02 15:10
Severity
Summary
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. Processing an image may result in disclosure of process memory.
References
SourceURLTags
product-security@apple.comhttps://support.apple.com/en-us/HT213757Release Notes, Vendor Advisory
product-security@apple.comhttps://support.apple.com/en-us/HT213758Release Notes, Vendor Advisory
product-security@apple.comhttps://support.apple.com/en-us/HT213761Release Notes, Vendor Advisory
product-security@apple.comhttps://support.apple.com/en-us/HT213764Release Notes, Vendor Advisory
Impacted products
VendorProduct
ApplemacOS
ApplewatchOS
AppleiOS and iPadOS
AppletvOS
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T15:10:24.980Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213758"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213764"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213757"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-us/HT213761"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "macOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "13.4",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "watchOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "9.5",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "iOS and iPadOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "16.5",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "tvOS",
          "vendor": "Apple",
          "versions": [
            {
              "lessThan": "16.5",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. Processing an image may result in disclosure of process memory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Processing an image may result in disclosure of process memory",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-27T03:45:43.055Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/en-us/HT213758"
        },
        {
          "url": "https://support.apple.com/en-us/HT213764"
        },
        {
          "url": "https://support.apple.com/en-us/HT213757"
        },
        {
          "url": "https://support.apple.com/en-us/HT213761"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2023-32372",
    "datePublished": "2023-06-23T00:00:00",
    "dateReserved": "2023-05-08T00:00:00",
    "dateUpdated": "2024-08-02T15:10:24.980Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-32372\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2023-06-23T18:15:11.963\",\"lastModified\":\"2023-07-27T04:15:25.130\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5, macOS Ventura 13.4. Processing an image may result in disclosure of process memory.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"16.5\",\"matchCriteriaId\":\"A4021D9E-B688-4FBC-B43A-D3C28FD38E67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"16.5\",\"matchCriteriaId\":\"CFA59B02-43A5-4865-8560-AA32D69E5C5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.0\",\"versionEndExcluding\":\"13.4\",\"matchCriteriaId\":\"DA07361B-D827-471F-9443-4BE4265D6A3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"16.5\",\"matchCriteriaId\":\"D36613A6-BD83-4A57-8EE1-C186EB69DFF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.5\",\"matchCriteriaId\":\"BE5DB973-7B51-4232-8E1D-231078FE275C\"}]}]}],\"references\":[{\"url\":\"https://support.apple.com/en-us/HT213757\",\"source\":\"product-security@apple.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/HT213758\",\"source\":\"product-security@apple.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/HT213761\",\"source\":\"product-security@apple.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/en-us/HT213764\",\"source\":\"product-security@apple.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.