CVE-2023-27932

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions macOS Ventura versions prior to 13.3 Safari versions prior to 16.4 iOS versions prior to 16.4 iPadOS versions prior to 16.4 tvOS versions prior to 16.4 watchOS versions prior to 9.4

Description The issue is related to the processing of maliciously crafted web content, which may bypass the Same Origin Policy. This could potentially allow an attacker to impact data integrity. The estimated number of potentially affected devices worldwide is not specified.

Recommendations For macOS Ventura versions prior to 13.3, update to macOS Ventura 13.3. For Safari versions prior to 16.4, update to Safari 16.4. For iOS versions prior to 16.4, update to iOS 16.4. For iPadOS versions prior to 16.4, update to iPadOS 16.4. For tvOS versions prior to 16.4, update to tvOS 16.4. For watchOS versions prior to 9.4, update to watchOS 9.4.

Fix

Insufficient Verification of Data Authenticity

Origin Validation Error

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-345CWE-346

Related Identifiers

ALSA-2023:6535

ALSA-2023:7055

BDU:2023-03864

CESA-2023_7055

CVE-2023-27932

DLA-3419-1

DSA-5396-1

DSA-5396-2

DSA-5397-1

MGASA-2023-0177

RHSA-2023:6535

RHSA-2023:7055

RHSA-2023_6535

RHSA-2023_7055

RHSA-2025:10364

SUSE-SU-2023:2056-1

SUSE-SU-2023:2065-1

SUSE-SU-2023:2077-1

SUSE-SU-2023:2078-1

USN-6061-1

Affected Products

Almalinux

Astra Linux

Centos

Linuxmint

Apple Macos

Red Hat

Safari

Suse

Ubuntu

Ios

Ipados

Macos Ventura

Tvos

Watchos

CVE-2023-27932

Weakness Enumeration

Related Identifiers

Affected Products

References · 100