Lucene search

K

[email protected]NVD:CVE-2022-32888

HistoryNov 01, 2022 - 8:15 p.m.

CVE-2022-32888

2022-11-0120:15:18

CWE-787

[email protected]

web.nvd.nist.gov

macos

ios

ipados

watchos

tvos

arbitrary code execution

web content

security vulnerability

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.005 Low

EPSS

Percentile

76.0%

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. Processing maliciously crafted web content may lead to arbitrary code execution.

Affected configurations

NVD

Node

appleipadosRange<15.7

OR

appleiphone_osRange<15.7

OR

applemacosRange11.0–11.7

OR

applemacosRange12.0.0–12.6

OR

appletvosRange<16.0

OR

applewatchosRange<9.0

References

www.openwall.com/lists/oss-security/2022/11/04/4

security.gentoo.org/glsa/202305-32

support.apple.com/en-us/HT213443

support.apple.com/en-us/HT213444

support.apple.com/en-us/HT213445

support.apple.com/en-us/HT213446

support.apple.com/en-us/HT213486

support.apple.com/en-us/HT213487

support.apple.com/en-us/HT213488

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.005 Low

EPSS

Percentile

76.0%

Related for NVD:CVE-2022-32888

prion1 debiancve1 cve1 cvelist1 redhatcve1 ubuntucve1 openvas10 nessus17 mageia1 ubuntu1 osv6 apple7 redhat2 oraclelinux2 almalinux2 gentoo1 amazon1