CVE-2023-28204Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability

PUBLISHEDvulnerability record
2023-05-22 · last modified June 21, 2025

Metadata

CVE ID:
CVE-2023-28204
Project:
Apple
Product:
Multiple Products
Date Added:
2023-05-22
Due Date:
2023-06-12
Last Updated:
June 21, 2025

Vulnerability Name

Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability

Description

Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an out-of-bounds read vulnerability that may disclose sensitive information when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

Known To Be Used in Ransomware Campaigns?

Ransomware Status:
Unknown

Action

Apply updates per vendor instructions.

Additional Notes

Related News Articles

Related Weaknesses