CVE-2023-40451

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-40451

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-40451.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-40451

Downstream

DEBIAN-CVE-2023-40451

DSA-5468-1

RHSA-2023:6535

RHSA-2023:7055

RHSA-2025:10364

SUSE-SU-2023:4209-1

SUSE-SU-2023:4211-1

SUSE-SU-2023:4294-1

SUSE-SU-2023:4339-1

SUSE-SU-2023:4978-1

SUSE-SU-2024:0002-1

SUSE-SU-2024:0004-1

UBUNTU-CVE-2023-40451

Related

Published

2023-09-27T15:19:17.090Z

Modified

2026-03-13T07:40:45.316165Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 17. An attacker with JavaScript execution may be able to execute arbitrary code.

References

Affected packages

Git /

Affected ranges

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "17.0"
            }
        ]
    }
]

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-40451.json"