VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-f8e4-r5tg-aaaf

Essentials
Severities (119)
References (44)
Severity details (42)
Exploits (0)
EPSS
History (0)

Vulnerability ID	VCID-f8e4-r5tg-aaaf
Aliases	CVE-2023-42852
Summary	A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution.
Status	Published
Exploitability	0.5
Weighted Severity	7.9
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

System	Score	Found at
cvssv3	8.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42852.json
epss	0.00188	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.00188	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.00188	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.00188	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.00188	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.00188	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.00219	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.00219	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.00219	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.00219	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.00219	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.00219	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.00273	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01833	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01833	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01833	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01833	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01833	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01833	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01833	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01833	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01833	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01833	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01833	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01833	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01833	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01833	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.01987	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.02161	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.02161	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.02161	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.07562	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.07562	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.07562	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.07562	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.07562	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.07562	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.07562	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.07562	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.07562	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.07562	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.07562	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.07562	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.07562	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.07562	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
epss	0.22344	https://api.first.org/data/v1/epss?cve=CVE-2023-42852
cvssv3.1	8.8	http://seclists.org/fulldisclosure/2023/Oct/19
ssvc	Track	http://seclists.org/fulldisclosure/2023/Oct/19
cvssv3.1	8.8	http://seclists.org/fulldisclosure/2023/Oct/22
ssvc	Track	http://seclists.org/fulldisclosure/2023/Oct/22
cvssv3.1	8.8	http://seclists.org/fulldisclosure/2023/Oct/23
ssvc	Track	http://seclists.org/fulldisclosure/2023/Oct/23
cvssv3.1	8.8	http://seclists.org/fulldisclosure/2023/Oct/24
ssvc	Track	http://seclists.org/fulldisclosure/2023/Oct/24
cvssv3.1	8.8	http://seclists.org/fulldisclosure/2023/Oct/25
ssvc	Track	http://seclists.org/fulldisclosure/2023/Oct/25
cvssv3.1	8.8	http://seclists.org/fulldisclosure/2023/Oct/27
ssvc	Track	http://seclists.org/fulldisclosure/2023/Oct/27
cvssv3.1	8.8	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	8.8	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RPPMOWFYZODONTA3RLZOKSGNR4DELGG2/
ssvc	Track	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RPPMOWFYZODONTA3RLZOKSGNR4DELGG2/
cvssv3.1	8.8	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S3O7ITSBZDHLBM5OG22K6RZAHRRTGECM/
ssvc	Track	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S3O7ITSBZDHLBM5OG22K6RZAHRRTGECM/
cvssv3.1	8.8	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTCZGQPRDAOPP6NK4CIDJKIPMBWD5J7K/
ssvc	Track	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTCZGQPRDAOPP6NK4CIDJKIPMBWD5J7K/
cvssv3	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-42852
cvssv3.1	8.8	https://nvd.nist.gov/vuln/detail/CVE-2023-42852
cvssv3.1	8.8	https://security.gentoo.org/glsa/202401-33
ssvc	Track	https://security.gentoo.org/glsa/202401-33
cvssv3.1	8.8	https://support.apple.com/en-us/HT213981
ssvc	Track	https://support.apple.com/en-us/HT213981
cvssv3.1	8.8	https://support.apple.com/en-us/HT213982
ssvc	Track	https://support.apple.com/en-us/HT213982
cvssv3.1	8.8	https://support.apple.com/en-us/HT213984
ssvc	Track	https://support.apple.com/en-us/HT213984
cvssv3.1	8.8	https://support.apple.com/en-us/HT213986
ssvc	Track	https://support.apple.com/en-us/HT213986
cvssv3.1	8.8	https://support.apple.com/en-us/HT213987
ssvc	Track	https://support.apple.com/en-us/HT213987
cvssv3.1	8.8	https://support.apple.com/en-us/HT213988
ssvc	Track	https://support.apple.com/en-us/HT213988
cvssv3.1	8.8	https://support.apple.com/kb/HT213984
ssvc	Track	https://support.apple.com/kb/HT213984
cvssv3.1	8.8	https://www.debian.org/security/2023/dsa-5557
ssvc	Track	https://www.debian.org/security/2023/dsa-5557
cvssv3.1	8.8	http://www.openwall.com/lists/oss-security/2023/11/15/1
ssvc	Track	http://www.openwall.com/lists/oss-security/2023/11/15/1

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42852.json
		https://api.first.org/data/v1/epss?cve=CVE-2023-42852
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41983
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42852
		http://seclists.org/fulldisclosure/2023/Oct/19
		http://seclists.org/fulldisclosure/2023/Oct/22
		http://seclists.org/fulldisclosure/2023/Oct/23
		http://seclists.org/fulldisclosure/2023/Oct/24
		http://seclists.org/fulldisclosure/2023/Oct/25
		http://seclists.org/fulldisclosure/2023/Oct/27
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RPPMOWFYZODONTA3RLZOKSGNR4DELGG2/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S3O7ITSBZDHLBM5OG22K6RZAHRRTGECM/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTCZGQPRDAOPP6NK4CIDJKIPMBWD5J7K/
		https://support.apple.com/en-us/HT213981
		https://support.apple.com/en-us/HT213982
		https://support.apple.com/en-us/HT213984
		https://support.apple.com/en-us/HT213986
		https://support.apple.com/en-us/HT213987
		https://support.apple.com/en-us/HT213988
		https://support.apple.com/kb/HT213984
		https://www.debian.org/security/2023/dsa-5557
		http://www.openwall.com/lists/oss-security/2023/11/15/1
2271456		https://bugzilla.redhat.com/show_bug.cgi?id=2271456
cpe:2.3:a:apple:safari::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari::::::::
cpe:2.3:o:apple:ipados::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados::::::::
cpe:2.3:o:apple:iphone_os::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::
cpe:2.3:o:apple:macos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos::::::::
cpe:2.3:o:apple:tvos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::
cpe:2.3:o:apple:watchos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::
cpe:2.3:o:debian:debian_linux:11.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:11.0:::::::*
cpe:2.3:o:debian:debian_linux:12.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:12.0:::::::*
cpe:2.3:o:fedoraproject:fedora:37:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:37:::::::*
CVE-2023-42852		https://nvd.nist.gov/vuln/detail/CVE-2023-42852
GLSA-202401-33		https://security.gentoo.org/glsa/202401-33
RHSA-2024:2126		https://access.redhat.com/errata/RHSA-2024:2126
RHSA-2024:2982		https://access.redhat.com/errata/RHSA-2024:2982
RHSA-2024:8492		https://access.redhat.com/errata/RHSA-2024:8492
RHSA-2024:8496		https://access.redhat.com/errata/RHSA-2024:8496
RHSA-2024:9646		https://access.redhat.com/errata/RHSA-2024:9646
RHSA-2024:9653		https://access.redhat.com/errata/RHSA-2024:9653
RHSA-2024:9679		https://access.redhat.com/errata/RHSA-2024:9679
RHSA-2024:9680		https://access.redhat.com/errata/RHSA-2024:9680
USN-6490-1		https://usn.ubuntu.com/6490-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42852.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://seclists.org/fulldisclosure/2023/Oct/19

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:26:16Z/ Found at http://seclists.org/fulldisclosure/2023/Oct/19

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://seclists.org/fulldisclosure/2023/Oct/22

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:26:16Z/ Found at http://seclists.org/fulldisclosure/2023/Oct/22

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://seclists.org/fulldisclosure/2023/Oct/23

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:26:16Z/ Found at http://seclists.org/fulldisclosure/2023/Oct/23

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://seclists.org/fulldisclosure/2023/Oct/24

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:26:16Z/ Found at http://seclists.org/fulldisclosure/2023/Oct/24

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://seclists.org/fulldisclosure/2023/Oct/25

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:26:16Z/ Found at http://seclists.org/fulldisclosure/2023/Oct/25

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://seclists.org/fulldisclosure/2023/Oct/27

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:26:16Z/ Found at http://seclists.org/fulldisclosure/2023/Oct/27

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RPPMOWFYZODONTA3RLZOKSGNR4DELGG2/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:26:16Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RPPMOWFYZODONTA3RLZOKSGNR4DELGG2/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S3O7ITSBZDHLBM5OG22K6RZAHRRTGECM/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTCZGQPRDAOPP6NK4CIDJKIPMBWD5J7K/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-42852

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-42852

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://security.gentoo.org/glsa/202401-33

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:26:16Z/ Found at https://security.gentoo.org/glsa/202401-33

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT213981

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:26:16Z/ Found at https://support.apple.com/en-us/HT213981

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT213982

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:26:16Z/ Found at https://support.apple.com/en-us/HT213982

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT213984

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:26:16Z/ Found at https://support.apple.com/en-us/HT213984

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT213986

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:26:16Z/ Found at https://support.apple.com/en-us/HT213986

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT213987

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:26:16Z/ Found at https://support.apple.com/en-us/HT213987

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT213988

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:26:16Z/ Found at https://support.apple.com/en-us/HT213988

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/kb/HT213984

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:26:16Z/ Found at https://support.apple.com/kb/HT213984

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.debian.org/security/2023/dsa-5557

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:26:16Z/ Found at https://www.debian.org/security/2023/dsa-5557

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2023/11/15/1

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:26:16Z/ Found at http://www.openwall.com/lists/oss-security/2023/11/15/1

Exploit Prediction Scoring System (EPSS)

Percentile	0.56953
EPSS Score	0.00188
Published At	Nov. 1, 2024, midnight

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.