The issue was addressed with improved checks. This issue is fixed in Safari 16.6.1, macOS Ventura 13.6, OS 17.0.1 and iPadOS 17.0.1, iOS 16.7 and iPadOS 16.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.

Related CVEs

CVE-2023-41993

Key Information

GHSA ID

GHSA-2hcr-79rm-r8rp

Published

September 21, 2023 9:31 PM

Last Modified

October 22, 2025 12:32 AM

CVSS Score

9.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: November 23, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.