Description
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2, Safari 17.2, iOS 16.7.15 and iPadOS 16.7.15, iOS 15.8.7 and iPadOS 15.8.7. Processing maliciously crafted web content may lead to memory corruption.
References (19)
Core 19
Core References
Mailing List
http://seclists.org/fulldisclosure/2026/Mar/1
Vendor Advisory
https://support.apple.com/en-us/120877
Vendor Advisory
https://support.apple.com/en-us/120300
Vendor Advisory
https://support.apple.com/en-us/120879
Vendor Advisory
https://support.apple.com/en-us/126646
Vendor Advisory
https://support.apple.com/en-us/126632
Vendor Advisory
https://access.redhat.com/errata/RHSA-2024:8180
Vendor Advisory
https://access.redhat.com/errata/RHSA-2024:8492
Vendor Advisory
https://access.redhat.com/errata/RHSA-2024:8496
Vendor Advisory
https://access.redhat.com/errata/RHSA-2024:9144
Vendor Advisory
https://access.redhat.com/errata/RHSA-2024:9636
Vendor Advisory
https://access.redhat.com/errata/RHSA-2024:9646
Vendor Advisory
https://access.redhat.com/errata/RHSA-2024:9653
Vendor Advisory
https://access.redhat.com/errata/RHSA-2024:9679
Vendor Advisory
https://access.redhat.com/errata/RHSA-2024:9680
Vendor Advisory
https://access.redhat.com/errata/RHSA-2025:10364
Vendor Advisory
https://access.redhat.com/security/cve/CVE-2023-43010
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2448778
Scores
CVSS v3
8.8
EPSS
0.0089
EPSS Percentile
55.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-120
CWE-787
Status
published
Products (9)
Apple/iOS and iPadOS
unspecified - 15.8.7
Apple/iOS and iPadOS
unspecified - 16.7.15
Apple/iOS and iPadOS
unspecified - 17.2
apple/ipados
< 15.8.7
apple/iphone_os
< 15.8.7
apple/macos
< 14.2
Apple/macOS
unspecified - 14.2
apple/safari
< 17.2
Apple/Safari
unspecified - 17.2
Published
Mar 12, 2026
Tracked Since
Mar 12, 2026