PULSE
LIVE37signals / 24h
FEED
ransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcareransomplay reclama a Svensk Direktreklam · SE · Business Servicesransomchaos reclama a radiax.com · US · Technologyransominterlock reclama a Converting Equipment International · GB · Manufacturingransomblack x reclama a sanaa · YE · Not Foundransomthegentlemen reclama a Tangram Interiors · GB · Business Servicesransomthegentlemen reclama a BRAC · BD · Business Servicesransomthegentlemen reclama a Customs Watch · US · Public Sectorransomthegentlemen reclama a Gallant · FI · Not Foundransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcareransomplay reclama a Svensk Direktreklam · SE · Business Servicesransomchaos reclama a radiax.com · US · Technologyransominterlock reclama a Converting Equipment International · GB · Manufacturingransomblack x reclama a sanaa · YE · Not Foundransomthegentlemen reclama a Tangram Interiors · GB · Business Servicesransomthegentlemen reclama a BRAC · BD · Business Servicesransomthegentlemen reclama a Customs Watch · US · Public Sectorransomthegentlemen reclama a Gallant · FI · Not Found
← All CVEs
CVE Watch

CVE-2023-28205

Apple Multiple Products WebKit Use-After-Free Vulnerability

CVSS

No CVSS

EPSS

27.1%

p98

KEV

YES

Apr 10, 2023

Exploit Today

79

0-100

Published: · Last modified:

EPSS · 30d
27.1%EPSS · 30 days27.1%
2026-06-302026-07-16
KEV catalog record

Product

Apple / Multiple Products

Vulnerability

Apple Multiple Products WebKit Use-After-Free Vulnerability

Added to KEV

Apr 10, 2023

Remediate by

May 1, 2023

Known ransomware use

No

Summary description

Apple iOS, iPadOS, macOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

Required action

Apply updates per vendor instructions.

Notes

https://support.apple.com/en-us/HT213720,https://support.apple.com/en-us/HT213721,https://support.apple.com/en-us/HT213722,https://support.apple.com/en-us/HT213723; https://nvd.nist.gov/vuln/detail/CVE-2023-28205

Related CVEs
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2021-30860
99.5%
KEV80Apple Multiple Products Integer Overflow Vulnerability
CVE-2023-32434
98.8%
KEV80Apple Multiple Products Integer Overflow Vulnerability
CVE-2023-41993
98.0%
KEV79Apple Multiple Products WebKit Code Execution Vulnerability
CVE-2021-30807
97.9%
KEV79Apple Multiple Products Memory Corruption Vulnerability
CVE-2023-32439
97.6%
KEV79Apple Multiple Products WebKit Type Confusion Vulnerability
CVE-2023-32435
97.5%
KEV79Apple Multiple Products WebKit Memory Corruption Vulnerability