First published: Mon Mar 27 2023(Updated: )
A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution.
Credit: product-security@apple.com product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iOS | <15.7.4 | 15.7.4 |
Apple iPadOS | <15.7.4 | 15.7.4 |
Apple iPadOS | >=16.0<16.4 | |
Apple iPhone OS | >=16.0<16.4 | |
Apple macOS | >=13.0<13.3 | |
<16.4 | 16.4 | |
<16.4 | 16.4 | |
Apple macOS Ventura | <13.3 | 13.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2023-32358 is a type confusion issue in WebKit PDF that allows for arbitrary code execution.
CVE-2023-32358 has a severity rating of 8.8 (High).
CVE-2023-32358 affects iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3, Apple iPadOS up to version 16.4, Apple iPhone OS up to version 16.4, and Apple macOS up to version 13.3.
To fix CVE-2023-32358, ensure that you have installed the necessary security updates provided by Apple, such as iOS 16.4, iPadOS 16.4, or macOS Ventura 13.3.
You can find more information about CVE-2023-32358 on the official Apple support page: https://support.apple.com/en-us/HT213670