VDB
CVE-2022-22604
CVE-2022-22604
PUBLISHED
CVSS 6.800000190734863 MEDIUM
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 13.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution.
EPSS 0.42% · 62.2th percentile
Risk Scores
CVSS 2.0
6.800000190734863
EPSS Score
0.42%
62.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Xcode | unspecified |
| apple | xcode | 0 |
Exploit Intelligence
- https://support.apple.com/en-us/HT213189 (circl)
- EXPL_Log4j_CVE_2021_44228_Dec21_Hard_RID31D9.yar (github-yara)
- EXPL_Log4j_CVE_2021_44228_Dec21_Hard_RID31D9.yar (github-yara)
- EXPL_Log4j_CVE_2021_44228_Dec21_Hard_RID31D9.yar (github-yara)
- EXPL_Log4j_CVE_2021_44228_Dec21_Hard_RID31D9.yar (github-yara)
- SUSP_Base64_Encoded_Exploit_Indicators_Dec21_RID3732.yar (github-yara)
- SUSP_Base64_Encoded_Exploit_Indicators_Dec21_RID3732.yar (github-yara)
- SUSP_Base64_Encoded_Exploit_Indicators_Dec21_RID3732.yar (github-yara)
- SUSP_Base64_Encoded_Exploit_Indicators_Dec21_RID3732.yar (github-yara)
- nids_rules.yar (github-yara)
…and 103 more exploits
Timeline
- Jun 28, 2021 PoC Published
- Dec 11, 2021 PoC Published
- Dec 13, 2021 PoC Published
- Mar 15, 2022 CVE Published
- Mar 19, 2022 EPSS Score
- Mar 24, 2022 EPSS Score
- May 9, 2022 EPSS Score
- Jun 7, 2022 PoC Published
- Jun 29, 2022 EPSS Score
- Aug 20, 2022 EPSS Score
- Sep 16, 2022 PoC Published
- Oct 10, 2022 EPSS Score
References
- https://support.apple.com/en-us/HT213189 advisory
- https://support.apple.com/fr-fr/HT213191 advisory
- https://support.apple.com/fr-fr/HT213182 advisory
- https://support.apple.com/fr-fr/HT213184 advisory
- https://support.apple.com/fr-fr/HT213185 advisory
- https://support.apple.com/fr-fr/HT213183 advisory
- https://support.apple.com/fr-fr/HT213188 advisory
- https://support.apple.com/fr-fr/HT213190 advisory
- https://support.apple.com/fr-fr/HT213193 advisory
- https://support.apple.com/fr-fr/HT213189 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-22604 advisory