CVE-2023-35074
First published: Mon Sep 18 2023(Updated: )
The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, Safari 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to arbitrary code execution.
Credit: product-security@apple.com product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple Safari | <17.0 | |
| Apple iPadOS | <17.0 | |
| Apple iPhone OS | <17.0 | |
| Apple macOS | <14.0 | |
| Apple tvOS | <17.0 | |
| Apple watchOS | <10.0 | |
| Apple Safari | <17 | 17 |
| Fedoraproject Fedora | =37 | |
| Apple macOS Sonoma | <14 | 14 |
| <17 | 17 | |
| <17 | 17 | |
| <17 | 17 | |
| Apple watchOS | <10 | 10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://seclists.org/fulldisclosure/2023/Oct/10
- http://seclists.org/fulldisclosure/2023/Oct/2
- http://seclists.org/fulldisclosure/2023/Oct/3
- http://seclists.org/fulldisclosure/2023/Oct/8
- http://seclists.org/fulldisclosure/2023/Oct/9
- http://www.openwall.com/lists/oss-security/2023/09/28/3
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EEMDC5TQAANFH5D77QM34ZTUKXPFGVL/
- https://support.apple.com/en-us/HT213936 (Advisory)
- https://support.apple.com/en-us/HT213937 (Advisory)
- https://support.apple.com/en-us/HT213938 (Advisory)
- https://support.apple.com/en-us/HT213940 (Advisory)
- https://support.apple.com/en-us/HT213941 (Advisory)
- https://support.apple.com/kb/HT213941
- https://security.gentoo.org/glsa/202401-33
- https://support.apple.com/kb/HT213940
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2023-40417
- CVE-2023-40385
- CVE-2023-42833
- CVE-2023-40414
- CVE-2023-40451
- CVE-2023-41074
- CVE-2023-35074
- CVE-2023-41993
- CVE-2023-40384
- CVE-2023-32377
- CVE-2023-38615
- CVE-2023-40448
- CVE-2023-40432
- CVE-2023-42871
- CVE-2023-40399
- CVE-2023-40410
- CVE-2023-42872
- CVE-2023-42929
- CVE-2023-42925
- CVE-2023-38612
- CVE-2023-32361
- CVE-2023-35984
- CVE-2023-40402
- CVE-2023-40426
- CVE-2023-42876
- CVE-2023-41065
- CVE-2023-29497
- CVE-2023-38596
- CVE-2023-42943
- CVE-2023-40406
- CVE-2023-40420
- CVE-2023-40528
- CVE-2023-40438
- CVE-2023-41994
- CVE-2023-40407
- CVE-2023-32396
- CVE-2023-42933
- CVE-2023-41980
- CVE-2023-40411
- CVE-2023-40395
- CVE-2023-40391
- CVE-2023-40441
- CVE-2023-42959
- CVE-2023-23495
- CVE-2023-40434
- CVE-2023-38586
- CVE-2023-40436
- CVE-2023-40396
- CVE-2023-41995
- CVE-2023-42870
- CVE-2023-41981
- CVE-2023-41984
- CVE-2023-40429
- CVE-2023-41060
- CVE-2023-41067
- CVE-2023-40400
- CVE-2023-40454
- CVE-2023-41073
- CVE-2023-40403
- CVE-2023-40427
- CVE-2023-42957
- CVE-2023-32421
- CVE-2023-42826
- CVE-2023-42918
- CVE-2023-41986
- CVE-2023-40455
- CVE-2023-40386
- CVE-2023-38408
- CVE-2023-40401
- CVE-2023-40393
- CVE-2023-42949
- CVE-2023-42934
- CVE-2023-37448
- CVE-2023-38607
- CVE-2023-41987
- CVE-2023-41063
- CVE-2023-40422
- CVE-2023-39233
- CVE-2023-40388
- CVE-2023-35990
- CVE-2023-40452
- CVE-2023-40430
- CVE-2023-41996
- CVE-2023-41078
- CVE-2023-41070
- CVE-2023-40541
- CVE-2023-41079
- CVE-2023-40443
- CVE-2023-41968
- CVE-2023-40450
- CVE-2023-42948
- CVE-2023-40424
- CVE-2023-39434
- CVE-2023-32359
- CVE-2023-38610
- CVE-2023-41066
- CVE-2023-41979
- CVE-2023-40529
- CVE-2023-41174
- CVE-2023-40409
- CVE-2023-40412
- CVE-2023-41071
- CVE-2023-41232
- CVE-2023-41069
- CVE-2023-40431
- CVE-2023-41974
- CVE-2023-41068
- CVE-2023-40456
- CVE-2023-40520
- CVE-2023-40419
- CVE-2023-40428
- CVE-2023-40418
Frequently Asked Questions
What is the vulnerability with ID CVE-2023-35074?
The vulnerability with ID CVE-2023-35074 is a memory handling issue in WebKit.
Which software is affected by CVE-2023-35074?
CVE-2023-35074 affects Apple tvOS up to version 17, Apple iOS up to version 17, Apple iPadOS up to version 17, Apple watchOS up to version 10, Apple macOS Sonoma up to version 14, and Apple Safari up to version 17.
How can I fix the vulnerability with ID CVE-2023-35074?
To fix CVE-2023-35074, update your software to the latest version available. Check the references for more information.
What is the severity of CVE-2023-35074?
The severity of CVE-2023-35074 is not specified.
Where can I find more information about CVE-2023-35074?
You can find more information about CVE-2023-35074 in the references provided: [Reference 1](https://support.apple.com/en-us/HT213936), [Reference 2](https://support.apple.com/en-us/HT213938), [Reference 3](https://support.apple.com/en-us/HT213937).
- agent/author
- agent/type
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/severity
- collector/apple-support
- source/Apple
- agent/software-canonical-lookup
- agent/description
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/references
- agent/last-modified-date
- agent/softwarecombine
- agent/event
- agent/tags
- vendor/apple
- canonical/apple safari
- canonical/apple ipados
- canonical/apple iphone os
- canonical/apple macos
- canonical/apple tvos
- canonical/apple watchos
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/37
- canonical/apple macos sonoma