Search for vulnerabilities
Vulnerability details: VCID-1xyg-spum-4baf
Vulnerability ID VCID-1xyg-spum-4baf
Aliases CVE-2023-42956
Summary The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2. Processing web content may lead to a denial-of-service.
Status Published
Exploitability 0.5
Weighted Severity 5.9
Risk 3.0
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
cvssv3 6.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42956.json
epss 0.00185 https://api.first.org/data/v1/epss?cve=CVE-2023-42956
epss 0.00185 https://api.first.org/data/v1/epss?cve=CVE-2023-42956
epss 0.00185 https://api.first.org/data/v1/epss?cve=CVE-2023-42956
epss 0.00185 https://api.first.org/data/v1/epss?cve=CVE-2023-42956
epss 0.00185 https://api.first.org/data/v1/epss?cve=CVE-2023-42956
epss 0.00185 https://api.first.org/data/v1/epss?cve=CVE-2023-42956
epss 0.00185 https://api.first.org/data/v1/epss?cve=CVE-2023-42956
epss 0.00185 https://api.first.org/data/v1/epss?cve=CVE-2023-42956
epss 0.00185 https://api.first.org/data/v1/epss?cve=CVE-2023-42956
epss 0.00185 https://api.first.org/data/v1/epss?cve=CVE-2023-42956
epss 0.00185 https://api.first.org/data/v1/epss?cve=CVE-2023-42956
epss 0.00185 https://api.first.org/data/v1/epss?cve=CVE-2023-42956
epss 0.00185 https://api.first.org/data/v1/epss?cve=CVE-2023-42956
epss 0.00185 https://api.first.org/data/v1/epss?cve=CVE-2023-42956
epss 0.00185 https://api.first.org/data/v1/epss?cve=CVE-2023-42956
epss 0.00185 https://api.first.org/data/v1/epss?cve=CVE-2023-42956
epss 0.00185 https://api.first.org/data/v1/epss?cve=CVE-2023-42956
epss 0.00185 https://api.first.org/data/v1/epss?cve=CVE-2023-42956
epss 0.00185 https://api.first.org/data/v1/epss?cve=CVE-2023-42956
cvssv3.1 6.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 6.5 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/
ssvc Track https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/
cvssv3.1 6.5 https://nvd.nist.gov/vuln/detail/CVE-2023-42956
cvssv3.1 6.5 https://support.apple.com/en-us/HT214035
ssvc Track https://support.apple.com/en-us/HT214035
cvssv3.1 6.5 https://support.apple.com/en-us/HT214036
ssvc Track https://support.apple.com/en-us/HT214036
cvssv3.1 6.5 https://support.apple.com/en-us/HT214039
ssvc Track https://support.apple.com/en-us/HT214039
cvssv3.1 6.5 https://support.apple.com/kb/HT214039
ssvc Track https://support.apple.com/kb/HT214039
cvssv3.1 6.5 http://www.openwall.com/lists/oss-security/2024/03/26/1
ssvc Track http://www.openwall.com/lists/oss-security/2024/03/26/1
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42956.json
https://api.first.org/data/v1/epss?cve=CVE-2023-42956
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42843
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42950
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42956
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23254
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23263
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23280
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23284
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54658
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
1 http://www.openwall.com/lists/oss-security/2024/03/26/1
2271719 https://bugzilla.redhat.com/show_bug.cgi?id=2271719
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
CVE-2023-42956 https://nvd.nist.gov/vuln/detail/CVE-2023-42956
HT214035 https://support.apple.com/en-us/HT214035
HT214036 https://support.apple.com/en-us/HT214036
HT214039 https://support.apple.com/en-us/HT214039
HT214039 https://support.apple.com/kb/HT214039
IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/
RHSA-2024:9144 https://access.redhat.com/errata/RHSA-2024:9144
RHSA-2025:10364 https://access.redhat.com/errata/RHSA-2025:10364
USN-6732-1 https://usn.ubuntu.com/6732-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42956.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-08T17:46:52Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-42956
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/HT214035
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-08T17:46:52Z/ Found at https://support.apple.com/en-us/HT214035
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/HT214036
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-08T17:46:52Z/ Found at https://support.apple.com/en-us/HT214036
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/en-us/HT214039
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-08T17:46:52Z/ Found at https://support.apple.com/en-us/HT214039
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://support.apple.com/kb/HT214039
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-08T17:46:52Z/ Found at https://support.apple.com/kb/HT214039
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2024/03/26/1
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-08T17:46:52Z/ Found at http://www.openwall.com/lists/oss-security/2024/03/26/1
Exploit Prediction Scoring System (EPSS)
Percentile 0.40666
EPSS Score 0.00185
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:40:15.301176+00:00 Ubuntu USN Importer Import https://usn.ubuntu.com/6732-1/ 37.0.0