CVE-2023-42883: 
Apple Safari vulnerability analysis and mitigation

CVE-2023-42883 is a security vulnerability affecting Apple's WebKit engine and related products. The issue was discovered and fixed in Safari 17.2, macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. The vulnerability was identified by the Zoom Offensive Security Team (Apple Security, WebKit Advisory).

The vulnerability is related to memory handling when processing images in WebKit. Specifically, when processing SVG images, improper memory handling could lead to a denial-of-service condition. The issue has been assigned a CVSS v3.1 base score of 5.5 (Medium) with the vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H, indicating local access is required and user interaction is needed (NVD).

The primary impact of this vulnerability is that processing an image may lead to a denial-of-service condition in affected systems. This could potentially disrupt the normal operation of applications that use WebKit for rendering web content (Apple Security, WebKit Advisory).

Apple has addressed this vulnerability by improving memory handling in affected products. Users are advised to update to Safari 17.2, macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. For WebKitGTK and WPE WebKit users, updating to version 2.42.4 or later is recommended (Apple Security, WebKit Advisory).