CVE-2023-28205

Known Exploited Vulnerability Entry External Catalog

Back to Catalog View Vulnerability

Entry Details

Vulnerability ID

CVE-2023-28205

Status

Confirmed

Exploited

Yes

Status Updated At

2023-04-10 00:00 UTC

Timestamps

First Seen At

2023-04-10

Asserted At

2023-04-10

Scope

Notes

KEV entry: Apple Multiple Products WebKit Use-After-Free Vulnerability | Affected: Apple / Multiple Products | Description: Apple iOS, iPadOS, macOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing. | Required action: Apply updates per vendor instructions. | Due date: 2023-05-01 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://support.apple.com/en-us/HT213720,https://support.apple.com/en-us/HT213721,https://support.apple.com/en-us/HT213722,https://support.apple.com/en-us/HT213723; https://nvd.nist.gov/vuln/detail/CVE-2023-28205

References

{'id': 'CVE-2023-28205', 'url': 'https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-28205'}

Entry UUID

10176a27-bbe3-46dc-bd16-bebecbfe1343

Catalog Origin UUID

405284c2-e461-4670-8979-7fd2c9755a60

Created

2026-02-02 13:25 UTC

Last Updated

2026-02-06 07:53 UTC

Evidence (1)

Type Source Signal Confidence Details GCVE Metadata

Type	Source	Signal	Confidence	Details	GCVE Metadata
vendor_report	cisa-kev	successful_exploitation	0.80	View details `{ "cwes": [ "CWE-416" ], "date_added": "2023-04-10", "due_date": "2023-05-01", "feed": "CISA Known Exploited Vulnerabilities Catalog", "knownRansomwareCampaignUse": "Unknown", "product": "Multiple Products", "vendorProject": "Apple", "vulnerabilityName": "Apple Multiple Products WebKit Use-After-Free Vulnerability" }`	-

vendor_report

cisa-kev

successful_exploitation

0.80

View details

{
  "cwes": [
    "CWE-416"
  ],
  "date_added": "2023-04-10",
  "due_date": "2023-05-01",
  "feed": "CISA Known Exploited Vulnerabilities Catalog",
  "knownRansomwareCampaignUse": "Unknown",
  "product": "Multiple Products",
  "vendorProject": "Apple",
  "vulnerabilityName": "Apple Multiple Products WebKit Use-After-Free Vulnerability"
}

Export Options

JSON Object JSON API View Full Catalog