Apple has shipped a patch for iOS 16.5.1 and iPadOS 16.5.1 under its rapid security response program that addresses a vulnerability in the WebKit web browser engine.
The vulnerability has been assigned a common vulnerabilities and exposures identifier of CVE-2023-37450.
The discovery is attributed by Apple to “an anonymous researcher”.
Apple said that the vulnerability meant that “processing web content may lead to arbitrary code execution.”
It added that it “is aware of a report that this issue may have been actively exploited.”
Rapid security response releases are designed to deliver patches for zero-days to iOS, iPadOS and macOS between Apple’s usual patch cycle.
The first such response was released by Apple for a different vulnerability back in May.
