QwikSec

Security Database

CVE

CWE

Training

CVE-2023-38599

Published: Jul 28, 2023

Modified: Feb 13, 2025

PUBLISHED

Description

A logic issue was addressed with improved state management. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A website may be able to track sensitive user information.

Vendor	Product	Versions
Apple	Safari	affected `unspecified - < 16.6`
Apple	tvOS	affected `unspecified - < 16.6`
Apple	iOS and iPadOS	affected `unspecified - < 16.6`
Apple	macOS	affected `unspecified - < 13.5`
Apple	iOS and iPadOS	affected `unspecified - < 15.7`
Apple	watchOS	affected `unspecified - < 9.6`

References

https://support.apple.com/en-us/HT213847

https://support.apple.com/en-us/HT213846

https://support.apple.com/en-us/HT213841

https://support.apple.com/en-us/HT213843

https://support.apple.com/en-us/HT213842

https://support.apple.com/en-us/HT213848

http://www.openwall.com/lists/oss-security/2023/08/02/1

https://lists.fedoraproject.org/archives/list/[email protected]/message/KJ4DG5LHWG2INDOTPB7MO4JVJN6LKL3M/

https://www.debian.org/security/2023/dsa-5468

https://lists.fedoraproject.org/archives/list/[email protected]/message/KQXJYKTGLKI6TJEFJCKPHCNY7PS72OER/

https://security.gentoo.org/glsa/202401-04

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.