CVE-2023-40439: Path Traversal
First published: Mon Jul 24 2023(Updated: )
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to read sensitive location information.
Credit: Kirin @Pwnrin Kirin @Pwnrin product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iOS | <16.6 | 16.6 |
| Apple iPadOS | <16.6 | 16.6 |
| Apple macOS Ventura | <13.5 | 13.5 |
| Apple iPadOS | <16.6 | |
| Apple iPhone OS | <16.6 | |
| Apple macOS | <13.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT213841 (Advisory)
- https://support.apple.com/en-us/HT213843 (Advisory)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2023-40439
- CVE-2023-38616
- CVE-2023-34425
- CVE-2023-38580
- CVE-2023-36862
- CVE-2023-32364
- CVE-2023-35983
- CVE-2023-40392
- CVE-2023-42828
- CVE-2023-34241
- CVE-2023-28319
- CVE-2023-28320
- CVE-2023-28321
- CVE-2023-28322
- CVE-2023-32416
- CVE-2023-40437
- CVE-2023-32418
- CVE-2023-36854
- CVE-2022-3970
- CVE-2023-28200
- CVE-2023-38590
- CVE-2023-38598
- CVE-2023-36495
- CVE-2023-37285
- CVE-2023-38604
- CVE-2023-32734
- CVE-2023-32441
- CVE-2023-38261
- CVE-2023-38424
- CVE-2023-38425
- CVE-2023-32381
- CVE-2023-32433
- CVE-2023-35993
- CVE-2023-38410
- CVE-2023-38606
- CVE-2023-38603
- CVE-2023-38565
- CVE-2023-38593
- CVE-2023-40440
- CVE-2023-38258
- CVE-2023-38421
- CVE-2023-1916
- CVE-2023-38571
- CVE-2023-29491
- CVE-2023-38601
- CVE-2023-32444
- CVE-2023-2953
- CVE-2023-42829
- CVE-2023-38609
- CVE-2023-38259
- CVE-2023-38564
- CVE-2023-38602
- CVE-2023-42831
- CVE-2023-32442
- CVE-2023-32443
- CVE-2023-42832
- CVE-2023-32429
- CVE-2023-1801
- CVE-2023-32654
- CVE-2023-2426
- CVE-2023-2609
- CVE-2023-2610
- CVE-2023-38608
- CVE-2023-38605
- CVE-2023-40397
- CVE-2023-38572
- CVE-2023-38599
- CVE-2023-32445
- CVE-2023-38592
- CVE-2023-38594
- CVE-2023-38595
- CVE-2023-38600
- CVE-2023-38611
- CVE-2023-37450
- CVE-2023-42866
- CVE-2023-38597
- CVE-2023-38133
- CVE-2023-40442
- CVE-2023-38136
- CVE-2023-41995
- CVE-2023-40400
- CVE-2023-40394
- CVE-2023-32437
Frequently Asked Questions
What is the vulnerability ID of this issue?
The vulnerability ID is CVE-2023-40439.
What is the title of this vulnerability?
The title of this vulnerability is 'Accounts. A privacy issue was addressed with improved private data redaction for log entries.'
What is the description of this vulnerability?
The description of this vulnerability is 'Accounts. A privacy issue was addressed with improved private data redaction for log entries.'
What software is affected by this vulnerability?
The software affected by this vulnerability is Apple iOS up to version 16.6 and Apple iPadOS up to version 16.6.
Is there a remedy available?
Yes, the remedy for this vulnerability is to upgrade to Apple iOS or iPadOS version 16.6.
- agent/first-publish-date
- agent/type
- agent/references
- agent/author
- collector/apple-support
- source/Apple
- agent/software-canonical-lookup
- agent/severity
- agent/softwarecombine
- agent/description
- agent/software-canonical-lookup-request
- agent/tags
- agent/event
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/weakness
- agent/last-modified-date
- vendor/apple
- canonical/apple macos ventura
- canonical/apple ios
- canonical/apple ipados
- canonical/apple iphone os
- canonical/apple macos