VDB

GSD-2024-23222

GSD-2024-23222 PUBLISHED CVSS 8.800000190734863 HIGH

A type confusion issue was addressed with improved checks. This issue is fixed in Safari 17.3, iOS 15.8.7 and iPadOS 15.8.7, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, tvOS 17.3, visionOS 1.0.2. Processing maliciously crafted web content may lead to arbitrary code execution. This fix associated with the Coruna exploit was shipped in iOS 17.3 on January 22, 2024. This update brings that fix to devices that cannot update to the latest iOS version.

Risk Scores

CVSS v3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
AppletvOS0
AppleSafari0
ApplevisionOS0
AppleiOS and iPadOS0, 0, 0
ApplemacOS0, 0, 0

Timeline

  • Jul 18, 2023 CVE Published
  • Jan 23, 2024 PoC Published
  • Jan 23, 2024 PoC Published
  • Jan 23, 2024 PoC Published
  • Feb 23, 2025 PoC Published
  • Feb 2, 2026 PoC Published
  • Mar 4, 2026 PoC Published
  • Mar 9, 2026 PoC Published
  • Mar 12, 2026 PoC Published
  • Mar 12, 2026 PoC Published
  • Mar 12, 2026 PoC Published
  • Mar 13, 2026 PoC Published

References

…and 5 more

Open in Interactive Console →
$ Console Community · 100/wk Open console ›