CVE-2023-43000 | THREATINT

Description

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, Safari 16.6. Processing maliciously crafted web content may lead to memory corruption.

PUBLISHED Reserved 2023-09-14 | Published 2025-11-05 | Updated 2026-03-05 | Assigner apple

CISA Known Exploited Vulnerability

Date added 2026-03-05 | Due date 2026-03-26

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Problem types

Processing maliciously crafted web content may lead to memory corruption

Product status

Any version before 13.5

affected

Any version before 16.6

affected

Any version before 16.6

affected

References

cloud.google.com/...lligence/coruna-powerful-ios-exploit-kit third-party-advisory

www.cisa.gov/...erabilities-catalog?field_cve=CVE-2023-43000 government-resource

support.apple.com/en-us/120331

support.apple.com/en-us/120338

support.apple.com/en-us/120324

cve.org (CVE-2023-43000)

nvd.nist.gov (CVE-2023-43000)

Download JSON