CVE-2023-32370

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Sep 6, 2023

Updated: Jan 5, 2024

Summary

CVE-2023-32370 is a logic issue identified in macOS Ventura. This vulnerability, now resolved in version 13.3, affected the validation process. A Content Security Policy (CSP), designed to block specific domains, may fail due to this issue when wildcards are used. This could potentially allow unintended sources to bypass the CSP, posing a security risk. Users are advised to update to the latest macOS version to mitigate this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Webkitgtk
Wpewebkit Wpe Webkit
WPE WebKit
MacOS

Affected Vendors

Apple

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/skuzxd
https://www.cve.org/CVERecord?id=CVE-2023-32370
https://nvd.nist.gov/vuln/detail/CVE-2023-32370

Back to Vulnerability Database