CVE-2023-32391
Description
The issue was addressed with improved checks. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, watchOS 9.5, iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. A shortcut may be able to use sensitive data with certain actions without prompting the user.
CWE
- CWE-125 — CWE-125 Out-of-bounds Read
Affected
- Apple / macOS — v=unspecified <13.4 [affected]
- Apple / watchOS — v=unspecified <9.5 [affected]
- Apple / iOS and iPadOS — v=unspecified <15.7 [affected]
- Apple / iOS and iPadOS — v=unspecified <16.5 [affected]
CVSS
- (none)
References
- https://support.apple.com/en-us/HT213758
- https://support.apple.com/en-us/HT213764
- https://support.apple.com/en-us/HT213765
- https://support.apple.com/en-us/HT213757
- https://support.apple.com/kb/HT213761
Source
cvelistV5-main/cves/2023/32xxx/CVE-2023-32391.json