CVE-2026-20652
Description
The issue was addressed with improved memory handling. This issue is fixed in macOS Tahoe 26.3, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3, Safari 26.3. A remote attacker may be able to cause a denial-of-service.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.168
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple vulnerabilities are affected in Java SE Development Kit (x64) 8.0.4810.10 | Windows |
| Multiple vulnerabilities are affected in Java SE Development Kit 8.0.4810.10 | Windows |
| Multiple vulnerabilities are affected in Java Runtime Environment 1.8 (x64) 8.0.4810.10 | Windows |
| Multiple vulnerabilities are affected in Java Runtime Environment 1.8 8.0.4810.10 | Windows |
| Multiple vulnerabilities are fixed in Azul Zulu JDK 8 (MSI) 8.94.0.18 | Windows |
| Multiple vulnerabilities are fixed in Azul Zulu JDK 8 (MSI) (x64) 8.94.0.18 | Windows |
| Multiple vulnerabilities are fixed in Azul Zulu JDK 11 (MSI) (x64) 11.88.18 | Windows |
| Multiple vulnerabilities are fixed in Azul Zulu JDK 17 17.66.20 | Windows |
| Multiple vulnerabilities are fixed in Azul Zulu JDK 17 (x64) 17.66.20 | Windows |
| Multiple vulnerabilities are fixed in Azul Zulu JDK 21 (MSI) (x64) 21.50.20 | Windows |
| Multiple vulnerabilities are fixed in Azul Zulu JDK 25 (MSI) (x64) 25.34.18 | Windows |
| Multiple vulnerabilities are fixed in macOS Tahoe 26.3 (Software Update) (Auto Reboot) | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-613562 | macOS Tahoe 26.3 (Software Update) (Auto Reboot) |
| PATCH-358379 | Java SE Development Kit (x64) (8.0.4910.10) (Manual Upload Required) |
| PATCH-358381 | Java SE Development Kit (8.0.4910.10) (Manual Upload Required) |
| PATCH-358378 | Java Runtime Environment 1.8 (x64) (8.0.4910.10) (Manual Upload Required) |
| PATCH-358377 | Java Runtime Environment 1.8 (8.0.4910.10) (Manual Upload Required) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234