VDB
BIT-java-min-2023-42917
BIT-java-min-2023-42917
PUBLISHED
CVSS 8.800000190734863 HIGH
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.
Risk Scores
CVSS v3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | java-min | 0, 1.9.0, 1.9.0 |
Timeline
- May 6, 2026 CVE Published
- May 7, 2026 Distribution Patch
- May 8, 2026 CVE Updated
References
- http://seclists.org/fulldisclosure/2023/Dec/12 url
- http://seclists.org/fulldisclosure/2023/Dec/13 url
- http://seclists.org/fulldisclosure/2023/Dec/3 url
- http://seclists.org/fulldisclosure/2023/Dec/4 url
- http://seclists.org/fulldisclosure/2023/Dec/5 url
- http://seclists.org/fulldisclosure/2023/Dec/8 url
- http://seclists.org/fulldisclosure/2024/Jan/35 url
- http://www.openwall.com/lists/oss-security/2023/12/05/1 url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/ url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/ url
- https://nvd.nist.gov/vuln/detail/CVE-2023-42917 url
- https://openjdk.org/groups/vulnerability/advisories/2024-04-16 url
- https://security.gentoo.org/glsa/202401-04 url
- https://support.apple.com/en-us/HT214031 url
- https://support.apple.com/en-us/HT214032 url
- https://support.apple.com/en-us/HT214033 url
- https://support.apple.com/kb/HT214033 url
- https://support.apple.com/kb/HT214034 url
- https://support.apple.com/kb/HT214062 url
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-42917 url
…and 1 more