{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2023-27956","assignerOrgId":"286789f9-fbc2-4510-9f9a-43facdede74c","assignerShortName":"apple","dateUpdated":"2025-01-29T14:49:29.100Z","dateReserved":"2023-03-08T00:00:00.000Z","datePublished":"2023-05-08T00:00:00.000Z"},"containers":{"cna":{"problemTypes":[{"descriptions":[{"lang":"en","description":"Processing a maliciously crafted image may result in disclosure of process memory"}]}],"affected":[{"vendor":"Apple","product":"macOS","versions":[{"version":"unspecified","status":"affected","lessThan":"13.3","versionType":"custom"}]},{"vendor":"Apple","product":"iOS and iPadOS","versions":[{"version":"unspecified","status":"affected","lessThan":"16.4","versionType":"custom"}]},{"vendor":"Apple","product":"watchOS","versions":[{"version":"unspecified","status":"affected","lessThan":"9.4","versionType":"custom"}]},{"vendor":"Apple","product":"tvOS","versions":[{"version":"unspecified","status":"affected","lessThan":"16.4","versionType":"custom"}]},{"vendor":"Apple","product":"iOS and iPadOS","versions":[{"version":"unspecified","status":"affected","lessThan":"15.7","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4. Processing a maliciously crafted image may result in disclosure of process memory."}],"references":[{"url":"https://support.apple.com/en-us/HT213670"},{"url":"https://support.apple.com/en-us/HT213676"},{"url":"https://support.apple.com/en-us/HT213678"},{"url":"https://support.apple.com/en-us/HT213674"},{"url":"https://support.apple.com/en-us/HT213673"}],"providerMetadata":{"orgId":"286789f9-fbc2-4510-9f9a-43facdede74c","shortName":"apple","dateUpdated":"2023-07-27T03:45:58.845Z"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T12:23:30.588Z"},"title":"CVE Program Container","references":[{"url":"https://support.apple.com/en-us/HT213670","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT213676","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT213678","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT213674","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT213673","tags":["x_transferred"]}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-120","lang":"en","description":"CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":5.5,"attackVector":"LOCAL","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","integrityImpact":"NONE","userInteraction":"REQUIRED","attackComplexity":"LOW","availabilityImpact":"NONE","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-01-29T14:46:39.152897Z","id":"CVE-2023-27956","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-01-29T14:49:29.100Z"}}]}}