{"id":29634179,"url":"https://github.com/ntfargo/uaf-2023-28205","last_synced_at":"2025-07-21T15:13:43.522Z","repository":{"id":265675401,"uuid":"896459919","full_name":"ntfargo/uaf-2023-28205","owner":"ntfargo","description":"PoC CVE-2023-28205: Apple WebKit Use-After-Free Vulnerability","archived":false,"fork":false,"pushed_at":"2024-12-01T16:08:19.000Z","size":18,"stargazers_count":13,"open_issues_count":0,"forks_count":4,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-07-03T02:58:51.815Z","etag":null,"topics":["apple","playstation","poc","ps4","ps5","use-after-free","vulnerability","webkit"],"latest_commit_sha":null,"homepage":"https://ntfargo.github.io/uaf-2023-28205/","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ntfargo.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-11-30T12:25:47.000Z","updated_at":"2025-06-22T09:31:38.000Z","dependencies_parsed_at":"2024-12-01T16:49:03.059Z","dependency_job_id":null,"html_url":"https://github.com/ntfargo/uaf-2023-28205","commit_stats":null,"previous_names":["ntfargo/uaf-2023-28205"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/ntfargo/uaf-2023-28205","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ntfargo%2Fuaf-2023-28205","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ntfargo%2Fuaf-2023-28205/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ntfargo%2Fuaf-2023-28205/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ntfargo%2Fuaf-2023-28205/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ntfargo","download_url":"https://codeload.github.com/ntfargo/uaf-2023-28205/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ntfargo%2Fuaf-2023-28205/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266324700,"owners_count":23911238,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-21T11:47:31.412Z","response_time":64,"last_error":null,"robots_txt_status":null,"robots_txt_updated_at":null,"robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["apple","playstation","poc","ps4","ps5","use-after-free","vulnerability","webkit"],"created_at":"2025-07-21T15:13:42.082Z","updated_at":"2025-07-21T15:13:43.465Z","avatar_url":"https://github.com/ntfargo.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# CVE-2023-28205: Apple WebKit Use-After-Free Vulnerability\n\nThis vulnerability can be exploited through maliciously crafted web content, allowing attackers to execute arbitrary code.\n\n## Description\n\nThe code triggers a use-after-free (UAF) vulnerability by delaying the addition of `Map` and `Date` objects, which allows the garbage collector (GC) to free them. This can potentially lead to accessing freed objects, causing memory corruption or enabling exploits.\n\n## References\n\n- [WebKit Commit c9880de4a28b9a64a5e1d0513dc245d61a2e6ddb](https://github.com/WebKit/WebKit/commit/c9880de4a28b9a64a5e1d0513dc245d61a2e6ddb)\n \nCVE-2023-28205: Clément Lecigne of Google's Threat Analysis Group and Donncha Ó Cearbhaill of Amnesty International’s Security Lab\n\nThanks to abc for the proof of concept example.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fntfargo%2Fuaf-2023-28205","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fntfargo%2Fuaf-2023-28205","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fntfargo%2Fuaf-2023-28205/lists"}