High severity8.8CISA KEVNVD Advisory· Published Jan 23, 2024· Updated Apr 3, 2026
CVE-2024-23222
CVE-2024-23222
Description
A type confusion issue was addressed with improved checks. This issue is fixed in Safari 17.3, iOS 15.8.7 and iPadOS 15.8.7, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, tvOS 17.3, visionOS 1.0.2. Processing maliciously crafted web content may lead to arbitrary code execution. This fix associated with the Coruna exploit was shipped in iOS 17.3 on January 22, 2024. This update brings that fix to devices that cannot update to the latest iOS version.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
47cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*range: <17.3
- (no CPE)range: <17.3
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*range: >=12.0,<12.7.3
- (no CPE)range: <14.3
- Range: <17.3
- osv-coords38 versionspkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/webkit2gtk3-soup2&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/webkit2gtk3-soup2&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/webkit2gtk4&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/webkit2gtk4&distro=openSUSE%20Leap%2015.6pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP6pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Manager%20Server%204.3pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4
< 2.42.5-150400.4.75.1+ 37 more
- (no CPE)range: < 2.42.5-150400.4.75.1
- (no CPE)range: < 2.46.0-150600.12.12.1
- (no CPE)range: < 2.42.5-150400.4.75.1
- (no CPE)range: < 2.46.0-150600.12.12.1
- (no CPE)range: < 2.42.5-150400.4.75.1
- (no CPE)range: < 2.46.0-150600.12.12.1
- (no CPE)range: < 2.42.4-150200.100.1
- (no CPE)range: < 2.42.4-150200.100.1
- (no CPE)range: < 2.42.4-150200.100.1
- (no CPE)range: < 2.42.5-150400.4.75.1
- (no CPE)range: < 2.42.5-150400.4.75.1
- (no CPE)range: < 2.42.5-150400.4.75.1
- (no CPE)range: < 2.46.0-150600.12.12.1
- (no CPE)range: < 2.42.5-2.168.2
- (no CPE)range: < 2.42.4-150200.100.1
- (no CPE)range: < 2.42.4-150200.100.1
- (no CPE)range: < 2.42.5-150400.4.75.1
- (no CPE)range: < 2.42.5-2.168.2
- (no CPE)range: < 2.42.4-150200.100.1
- (no CPE)range: < 2.42.4-150200.100.1
- (no CPE)range: < 2.42.5-150400.4.75.1
- (no CPE)range: < 2.42.5-2.168.2
- (no CPE)range: < 2.42.5-2.168.2
- (no CPE)range: < 2.42.5-150400.4.75.1
- (no CPE)range: < 2.42.5-150400.4.75.1
- (no CPE)range: < 2.42.5-150400.4.75.1
- (no CPE)range: < 2.46.0-150600.12.12.1
- (no CPE)range: < 2.42.5-150400.4.75.1
- (no CPE)range: < 2.42.5-150400.4.75.1
- (no CPE)range: < 2.42.5-150400.4.75.1
- (no CPE)range: < 2.42.5-150400.4.75.1
- (no CPE)range: < 2.42.5-150400.4.75.1
- (no CPE)range: < 2.42.5-150400.4.75.1
- (no CPE)range: < 2.46.0-150600.12.12.1
- (no CPE)range: < 2.42.5-150400.4.75.1
- (no CPE)range: < 2.46.0-150600.12.12.1
- (no CPE)range: < 2.42.5-150400.4.75.1
- (no CPE)range: < 2.42.5-150400.4.75.1
Patches
Vulnerability mechanics
References
25- seclists.org/fulldisclosure/2024/Feb/6nvdThird Party Advisory
- seclists.org/fulldisclosure/2024/Jan/34nvdThird Party Advisory
- seclists.org/fulldisclosure/2024/Jan/40nvdThird Party Advisory
- support.apple.com/en-us/118479nvdRelease NotesVendor Advisory
- support.apple.com/en-us/120304nvdRelease NotesVendor Advisory
- support.apple.com/en-us/120305nvdRelease NotesVendor Advisory
- support.apple.com/en-us/120307nvdRelease NotesVendor Advisory
- support.apple.com/en-us/120309nvdRelease NotesVendor Advisory
- support.apple.com/en-us/120310nvdRelease NotesVendor Advisory
- support.apple.com/en-us/120311nvdRelease NotesVendor Advisory
- support.apple.com/en-us/120339nvdRelease NotesVendor Advisory
- support.apple.com/en-us/126632nvdRelease NotesVendor Advisory
- support.apple.com/en-us/HT214055nvdRelease NotesVendor Advisory
- support.apple.com/en-us/HT214059nvdRelease NotesVendor Advisory
- support.apple.com/en-us/HT214061nvdRelease NotesVendor Advisory
- support.apple.com/kb/HT214055nvdRelease NotesVendor Advisory
- support.apple.com/kb/HT214056nvdRelease NotesVendor Advisory
- support.apple.com/kb/HT214057nvdRelease NotesVendor Advisory
- support.apple.com/kb/HT214058nvdRelease NotesVendor Advisory
- support.apple.com/kb/HT214059nvdRelease NotesVendor Advisory
- support.apple.com/kb/HT214061nvdRelease NotesVendor Advisory
- support.apple.com/kb/HT214063nvdRelease NotesVendor Advisory
- support.apple.com/kb/HT214070nvdRelease NotesVendor Advisory
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/US43EQFC2IS66EA2CPAZFH2RQ6WD7PKF/nvdBroken Link
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
1- Hackers Backdoor Popular art-template npm Package to Launch Watering-Hole AttacksCyber Security News · May 22, 2026