High severity8.8NVD Advisory· Published Sep 27, 2023· Updated Jun 17, 2026
CVE-2023-39434
CVE-2023-39434
Description
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. Processing web content may lead to arbitrary code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
41prior to Sonoma 14+ 1 more
- (no CPE)range: prior to Sonoma 14
- (no CPE)range: unspecified
- Range: prior to 17
prior to 10+ 1 more
- (no CPE)range: prior to 10
- (no CPE)range: unspecified
- Range: prior to 17
- osv-coords34 versionspkg:rpm/almalinux/webkit2gtk3pkg:rpm/almalinux/webkit2gtk3-develpkg:rpm/almalinux/webkit2gtk3-jscpkg:rpm/almalinux/webkit2gtk3-jsc-develpkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/webkit2gtk3-soup2&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/webkit2gtk3-soup2&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/webkit2gtk4&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/webkit2gtk4&distro=openSUSE%20Leap%2015.5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP4pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Manager%20Proxy%204.2pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Manager%20Server%204.2pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP4pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5
< 2.40.5-1.el9+ 33 more
- (no CPE)range: < 2.40.5-1.el9
- (no CPE)range: < 2.40.5-1.el9
- (no CPE)range: < 2.40.5-1.el9
- (no CPE)range: < 2.40.5-1.el9
- (no CPE)range: < 2.42.1-150400.4.57.2
- (no CPE)range: < 2.42.1-150400.4.57.2
- (no CPE)range: < 2.42.1-150400.4.57.2
- (no CPE)range: < 2.42.1-150400.4.57.2
- (no CPE)range: < 2.42.1-150400.4.57.3
- (no CPE)range: < 2.42.1-150400.4.57.3
- (no CPE)range: < 2.42.1-150200.87.4
- (no CPE)range: < 2.42.1-150200.87.4
- (no CPE)range: < 2.42.1-150000.3.153.1
- (no CPE)range: < 2.42.1-150200.87.4
- (no CPE)range: < 2.42.1-150200.87.4
- (no CPE)range: < 2.42.1-150200.87.4
- (no CPE)range: < 2.42.1-150400.4.57.2
- (no CPE)range: < 2.42.1-150400.4.57.2
- (no CPE)range: < 2.42.1-2.155.1
- (no CPE)range: < 2.42.1-150000.3.153.1
- (no CPE)range: < 2.42.1-150200.87.4
- (no CPE)range: < 2.42.1-150200.87.4
- (no CPE)range: < 2.42.1-2.155.1
- (no CPE)range: < 2.42.1-150000.3.153.1
- (no CPE)range: < 2.42.1-150200.87.4
- (no CPE)range: < 2.42.1-150200.87.4
- (no CPE)range: < 2.42.1-2.155.1
- (no CPE)range: < 2.42.1-2.155.1
- (no CPE)range: < 2.42.1-150200.87.4
- (no CPE)range: < 2.42.1-150200.87.4
- (no CPE)range: < 2.42.1-150400.4.57.2
- (no CPE)range: < 2.42.1-150400.4.57.2
- (no CPE)range: < 2.42.1-150400.4.57.3
- (no CPE)range: < 2.42.1-150400.4.57.3
- Range: unspecified
Patches
Vulnerability mechanics
References
9- seclists.org/fulldisclosure/2023/Oct/3nvdMailing ListThird Party Advisory
- seclists.org/fulldisclosure/2023/Oct/8nvdMailing ListThird Party Advisory
- seclists.org/fulldisclosure/2023/Oct/9nvdMailing ListThird Party Advisory
- www.openwall.com/lists/oss-security/2023/09/28/3nvdMailing ListThird Party Advisory
- support.apple.com/en-us/HT213937nvdRelease NotesVendor Advisory
- support.apple.com/en-us/HT213938nvdRelease NotesVendor Advisory
- support.apple.com/en-us/HT213940nvdRelease NotesVendor Advisory
- security.gentoo.org/glsa/202401-33nvd
- webkitgtk.org/security/WSA-2023-0009.htmlnvd
News mentions
0No linked articles in our index yet.