Unrated severityCISA KEVNVD Advisory· Published Jun 23, 2023· Updated Oct 21, 2025
CVE-2023-28204
CVE-2023-28204
Description
An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
45- osv-coords40 versionspkg:rpm/almalinux/webkit2gtk3pkg:rpm/almalinux/webkit2gtk3-develpkg:rpm/almalinux/webkit2gtk3-jscpkg:rpm/almalinux/webkit2gtk3-jsc-develpkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/webkit2gtk3-soup2&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/webkit2gtk3-soup2&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/webkit2gtk4&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/webkit2gtk4&distro=openSUSE%20Leap%2015.5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP4pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-ESPOSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Manager%20Proxy%204.2pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Manager%20Server%204.2pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP4pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5
< 2.38.5-1.el9_2.2+ 39 more
- (no CPE)range: < 2.38.5-1.el9_2.2
- (no CPE)range: < 2.38.5-1.el9_2.2
- (no CPE)range: < 2.38.5-1.el9_2.2
- (no CPE)range: < 2.38.5-1.el9_2.2
- (no CPE)range: < 2.38.6-150200.75.2
- (no CPE)range: < 2.38.6-150400.4.42.4
- (no CPE)range: < 2.38.6-150400.4.42.4
- (no CPE)range: < 2.38.6-150400.4.42.4
- (no CPE)range: < 2.38.6-150400.4.42.4
- (no CPE)range: < 2.38.6-150400.4.42.4
- (no CPE)range: < 2.38.6-150200.75.2
- (no CPE)range: < 2.38.6-150200.75.2
- (no CPE)range: < 2.40.5-150000.3.144.1
- (no CPE)range: < 2.38.6-150200.75.2
- (no CPE)range: < 2.38.6-150200.75.2
- (no CPE)range: < 2.38.6-150200.75.2
- (no CPE)range: < 2.38.6-150400.4.42.4
- (no CPE)range: < 2.38.6-150400.4.42.4
- (no CPE)range: < 2.38.6-150200.75.2
- (no CPE)range: < 2.38.6-2.139.1
- (no CPE)range: < 2.38.6-2.139.1
- (no CPE)range: < 2.38.6-2.139.1
- (no CPE)range: < 2.38.6-2.139.1
- (no CPE)range: < 2.40.5-150000.3.144.1
- (no CPE)range: < 2.38.6-150200.75.2
- (no CPE)range: < 2.38.6-150200.75.2
- (no CPE)range: < 2.38.6-2.139.1
- (no CPE)range: < 2.38.6-2.139.1
- (no CPE)range: < 2.40.5-150000.3.144.1
- (no CPE)range: < 2.38.6-150200.75.2
- (no CPE)range: < 2.38.6-150200.75.2
- (no CPE)range: < 2.38.6-2.139.1
- (no CPE)range: < 2.38.6-150200.75.2
- (no CPE)range: < 2.38.6-150200.75.2
- (no CPE)range: < 2.38.6-2.139.1
- (no CPE)range: < 2.38.6-2.139.1
- (no CPE)range: < 2.38.6-150400.4.42.4
- (no CPE)range: < 2.38.6-150400.4.42.4
- (no CPE)range: < 2.38.6-150400.4.42.4
- (no CPE)range: < 2.38.6-150400.4.42.4
- Range: unspecified
- Range: unspecified
- Range: unspecified
- Range: unspecified
- Range: unspecified
Patches
Vulnerability mechanics
References
7News mentions
0No linked articles in our index yet.