CVE-2023-27954

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-27954

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-27954.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-27954

Downstream

DEBIAN-CVE-2023-27954

DLA-3419-1

DSA-5396-1

DSA-5397-1

RHSA-2023:6535

RHSA-2023:7055

RHSA-2025:10364

SUSE-SU-2023:2056-1

SUSE-SU-2023:2065-1

SUSE-SU-2023:2077-1

SUSE-SU-2023:2078-1

UBUNTU-CVE-2023-27954

USN-6061-1

Related

Withdrawn

2026-01-27T04:18:51.301550Z

Published

2023-05-08T20:15:18Z

Modified

2026-01-27T04:18:51.301550Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

The issue was addressed by removing origin information. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4. A website may be able to track sensitive user information.

References

Affected packages