CVE-2023-42917Apple Multiple Products WebKit Memory Corruption Vulnerability

PUBLISHEDvulnerability record
2023-12-04 · last modified June 21, 2025

Metadata

CVE ID:
CVE-2023-42917
Project:
Apple
Product:
Multiple Products
Date Added:
2023-12-04
Due Date:
2023-12-25
Last Updated:
June 21, 2025

Vulnerability Name

Apple Multiple Products WebKit Memory Corruption Vulnerability

Description

Apple iOS, iPadOS, macOS, and Safari WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

Known To Be Used in Ransomware Campaigns?

Ransomware Status:
Unknown

Action

Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.

Additional Notes

Related News Articles

Related Weaknesses