QwikSec

Security Database

CVE

CWE

Training

CVE-2023-38572

Published: Jul 27, 2023

Modified: Feb 13, 2025

PUBLISHED

Description

The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. A website may be able to bypass Same Origin Policy.

Vendor	Product	Versions
Apple	Safari	affected `unspecified - < 16.6`
Apple	tvOS	affected `unspecified - < 16.6`
Apple	iOS and iPadOS	affected `unspecified - < 16.6`
Apple	macOS	affected `unspecified - < 13.5`
Apple	iOS and iPadOS	affected `unspecified - < 15.7`
Apple	watchOS	affected `unspecified - < 9.6`

References

https://support.apple.com/en-us/HT213847

https://support.apple.com/en-us/HT213846

https://support.apple.com/en-us/HT213841

https://support.apple.com/en-us/HT213843

https://support.apple.com/en-us/HT213842

https://support.apple.com/en-us/HT213848

http://www.openwall.com/lists/oss-security/2023/08/02/1

https://lists.fedoraproject.org/archives/list/[email protected]/message/KJ4DG5LHWG2INDOTPB7MO4JVJN6LKL3M/

https://www.debian.org/security/2023/dsa-5468

https://lists.fedoraproject.org/archives/list/[email protected]/message/KQXJYKTGLKI6TJEFJCKPHCNY7PS72OER/

https://security.gentoo.org/glsa/202401-04

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.