First published: Mon Jul 10 2023(Updated: )
Apple iOS, iPadOS, macOS, and Safari WebKit contain an unspecified vulnerability that can allow an attacker to execute code when processing web content.
Credit: an anonymous researcher an anonymous researcher an anonymous researcher product-security@apple.com product-security@apple.com product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple macOS Ventura (a) | <13.4.1 | 13.4.1 |
Apple iOS (a) | <16.5.1 | 16.5.1 |
Apple iPadOS (a) | <16.5.1 | 16.5.1 |
Apple macOS | >=13.0<13.5 | |
Apple iPadOS | <16.6 | |
Apple iPhone OS | <16.6 | |
Apple watchOS | <9.6 | |
Apple tvOS | <16.6 | |
Apple Safari | <16.5.2 | |
Apple Multiple Products | ||
Apple Safari | <16.5.2 | 16.5.2 |
ubuntu/webkit2gtk | <2.40.4 | 2.40.4 |
ubuntu/webkit2gtk | <2.40.4-0ubuntu0.22.04.1 | 2.40.4-0ubuntu0.22.04.1 |
ubuntu/webkit2gtk | <2.40.4-0ubuntu0.23.04.1 | 2.40.4-0ubuntu0.23.04.1 |
Apple macOS Ventura | <13.5 | 13.5 |
Apple watchOS | <9.6 | 9.6 |
Apple tvOS | <16.6 | 16.6 |
Apple iOS | <16.6 | 16.6 |
Apple iPadOS | <16.6 | 16.6 |
Apple iOS | <15.7.8 | 15.7.8 |
Apple iPadOS | <15.7.8 | 15.7.8 |
debian/webkit2gtk | <=2.36.4-1~deb10u1<=2.38.6-0+deb10u1 | 2.42.2-1~deb11u1 2.42.5-1~deb11u1 2.42.2-1~deb12u1 2.42.5-1~deb12u1 2.42.5-1 |
debian/wpewebkit | <=2.38.6-1~deb11u1<=2.38.6-1 | 2.42.5-1 2.42.5-1.1 |
Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
(Found alongside the following vulnerabilities)
The severity of CVE-2023-37450 is high.
The affected products include iOS, iPadOS, Safari, tvOS, macOS Ventura, and watchOS.
CVE-2023-37450 can be exploited by processing web content, which may lead to arbitrary code execution.
The remedy for CVE-2023-37450 on Apple iOS is to update to version 16.6 or later.
You can find more information about CVE-2023-37450 on the Apple support website.