{"id":"CVE-2023-40397","details":"The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. A remote attacker may be able to cause arbitrary javascript code execution.","modified":"2026-03-13T07:42:53.228642Z","published":"2023-09-06T21:15:13.850Z","related":["ALSA-2023:6535","ALSA-2023:7055","MGASA-2024-0148","SUSE-SU-2023:3753-1"],"references":[{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2023/09/11/1"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202401-04"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/HT213843"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"13.5"}]},{"events":[{"introduced":"0"},{"fixed":"2.40.5"}]},{"events":[{"introduced":"0"},{"fixed":"2.40.5"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-40397.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}