Lucene search

PRIOn knowledge basePRION:CVE-2022-42856

HistoryDec 15, 2022 - 7:15 p.m.

Type confusion

2022-12-1519:15:00

PRIOn knowledge base

www.prio-n.com

type confusion

safari

tvos

macos ventura

ios

ipados

arbitrary code execution

exploited

8.6 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.7%

JSON

A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1…

CPENameOperatorVersion
ipadoslt15.7.2
iphone_oslt15.7.2
iphone_osge16.0
iphone_oslt16.1.2
macoslt13.1
safarilt16.2
tvoslt16.2

Name	Operator	Version
ipados	lt	15.7.2
iphone_os	lt	15.7.2
iphone_os	ge	16.0
iphone_os	lt	16.1.2
macos	lt	13.1
safari	lt	16.2
tvos	lt	16.2

References

seclists.org/fulldisclosure/2022/Dec/21

seclists.org/fulldisclosure/2022/Dec/22

seclists.org/fulldisclosure/2022/Dec/23

seclists.org/fulldisclosure/2022/Dec/26

seclists.org/fulldisclosure/2022/Dec/28

www.openwall.com/lists/oss-security/2022/12/26/1

security.gentoo.org/glsa/202305-32

support.apple.com/en-us/HT213516

support.apple.com/en-us/HT213531

support.apple.com/en-us/HT213532

support.apple.com/en-us/HT213535

support.apple.com/en-us/HT213537