Unrated severityCISA KEVNVD Advisory· Published Apr 10, 2023· Updated Oct 21, 2025
CVE-2023-28205
CVE-2023-28205
Description
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
38- Range: <?
- osv-coords34 versionspkg:rpm/almalinux/webkit2gtk3pkg:rpm/almalinux/webkit2gtk3-develpkg:rpm/almalinux/webkit2gtk3-jscpkg:rpm/almalinux/webkit2gtk3-jsc-develpkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/webkit2gtk3-soup2&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/webkit2gtk4&distro=openSUSE%20Leap%2015.4pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP4pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-ESPOSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Manager%20Proxy%204.2pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Manager%20Server%204.2pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP4
< 2.36.7-1.el9_1.3+ 33 more
- (no CPE)range: < 2.36.7-1.el9_1.3
- (no CPE)range: < 2.36.7-1.el9_1.3
- (no CPE)range: < 2.36.7-1.el9_1.3
- (no CPE)range: < 2.36.7-1.el9_1.3
- (no CPE)range: < 2.38.6-150400.4.39.1
- (no CPE)range: < 2.38.6-150400.4.39.1
- (no CPE)range: < 2.38.6-150400.4.39.1
- (no CPE)range: < 2.38.6-150200.72.1
- (no CPE)range: < 2.38.6-150200.72.1
- (no CPE)range: < 2.38.6-150000.3.139.1
- (no CPE)range: < 2.38.6-150200.72.1
- (no CPE)range: < 2.38.6-150200.72.1
- (no CPE)range: < 2.38.6-150200.72.1
- (no CPE)range: < 2.38.6-150400.4.39.1
- (no CPE)range: < 2.38.6-150200.72.1
- (no CPE)range: < 2.38.6-2.136.1
- (no CPE)range: < 2.38.6-2.136.1
- (no CPE)range: < 2.38.6-2.136.1
- (no CPE)range: < 2.38.6-2.136.1
- (no CPE)range: < 2.38.6-150000.3.139.1
- (no CPE)range: < 2.38.6-150200.72.1
- (no CPE)range: < 2.38.6-150200.72.1
- (no CPE)range: < 2.38.6-2.136.1
- (no CPE)range: < 2.38.6-2.136.1
- (no CPE)range: < 2.38.6-150000.3.139.1
- (no CPE)range: < 2.38.6-150200.72.1
- (no CPE)range: < 2.38.6-150200.72.1
- (no CPE)range: < 2.38.6-2.136.1
- (no CPE)range: < 2.38.6-150200.72.1
- (no CPE)range: < 2.38.6-150200.72.1
- (no CPE)range: < 2.38.6-2.136.1
- (no CPE)range: < 2.38.6-2.136.1
- (no CPE)range: < 2.38.6-150400.4.39.1
- (no CPE)range: < 2.38.6-150400.4.39.1
- Range: unspecified
- Range: unspecified
- Range: unspecified
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.