DEBIAN-CVE-2022-42852

DEBIAN-CVE-2022-42852 PUBLISHED CVSS 6.5 MEDIUM

The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may result in the disclosure of process memory.

Risk Scores

CVSS 3.1

6.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected Products

Vendor	Product	Versions
Debian:14	webkit2gtk	0, 0, 0
Debian:12	webkit2gtk	0, 0, 0
Debian:11	webkit2gtk	2.36.4-1~deb11u1, 2.34.2-1, 0
Debian:13	wpewebkit	0, 0, 0
Debian:12	wpewebkit	0, 0, 0
Debian:13	webkit2gtk	0, 0, 0
Debian:14	wpewebkit	0, 0, 0
Debian:11	wpewebkit	2.34.5-1, 2.34.6-1, 2.34.6-1

Exploit Intelligence

macos_v2_generated.go (github-poc)
macos_v1_generated.go (github-poc)

Timeline

Dec 15, 2022 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2022-42852 advisory

Open in Interactive Console →