VDB
CISA-2022-32912
CISA-2022-32912
PUBLISHED
CVSS 8.8 HIGH
Reported by apple · Published September 20, 2022
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution.
Risk Scores
CVSS 3.1
8.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | iOS | unspecified |
| Apple | Safari | unspecified |
| Apple | iOS and iPadOS | unspecified |
| Apple | Safari | unspecified, * |
| Apple | iOS | unspecified, unspecified |
| Apple | iOS and iPadOS | unspecified, unspecified |
Timeline
- Sep 20, 2022 CVE Published
- Jan 7, 2026 CVE Updated
References
- 20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13 mailing-list
- 20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13 mailing-list
- 20221030 APPLE-SA-2022-10-27-3 Additional information for APPLE-SA-2022-09-12-1 iOS 16 mailing-list
- 20221030 APPLE-SA-2022-10-27-4 Additional information for APPLE-SA-2022-09-12-2 iOS 15.7 and iPadOS 15.7 mailing-list
- 20221030 APPLE-SA-2022-10-27-13 watchOS 9 mailing-list
- 20221030 APPLE-SA-2022-10-27-14 Additional information for APPLE-SA-2022-09-12-5 Safari 16 mailing-list
- 20221030 APPLE-SA-2022-10-27-11 tvOS 16 mailing-list