Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2022-32893

Published: 24/08/2022 Updated: 07/11/2023
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Safari

Vulnerability Summary

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1, Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apple safari

apple ipados

apple iphone os

apple macos

fedoraproject fedora 35

fedoraproject fedora 36

debian debian linux 10.0

debian debian linux 11.0

webkitgtk webkitgtk

wpewebkit wpe webkit

Vendor Advisories

Red Hat: Moderate: webkit2gtk3 security update
Synopsis Moderate: webkit2gtk3 security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this update as hav ...
Red Hat: Moderate: webkit2gtk3 security update
Synopsis Moderate: webkit2gtk3 security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as hav ...
Debian Security Advisories: DSA-5219-1 webkit2gtk -- security update
The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-32893 An anonymous researcher discovered that processing maliciously crafted web content may lead to arbitrary code execution Apple is aware of a report that this issue may have been actively exploited For the stable distribution (bullseye), ...
Debian Security Advisories: DSA-5220-1 wpewebkit -- security update
The following vulnerabilities have been discovered in the WPE WebKit web engine: CVE-2022-32893 An anonymous researcher discovered that processing maliciously crafted web content may lead to arbitrary code execution Apple is aware of a report that this issue may have been actively exploited For the stable distribution (bullseye) ...
Red Hat:
An out-of-bounds write issue was addressed with improved bounds checking This issue is fixed in iOS 1561 and iPadOS 1561, macOS Monterey 1251, Safari 1561 Processing maliciously crafted web content may lead to arbitrary code execution Apple is aware of a report that this issue may have been actively exploited ...
Arch Linux Issues:
Severity Unknown Remote Unknown Type Unknown Description AVG-2820 wpewebkit 2367-1 2368-1 Unknown Unknown AVG-2819 webkit2gtk 2367-1 2368-1 Unknown Unknown ...
Apple: macOS Monterey 12.5.1
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security updates page Apple security documents reference vulnerabilities by CVE-ID&nbsp ...
Apple: iOS 15.6.1 and iPadOS 15.6.1
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security updates page Apple security documents reference vulnerabilities by CVE-ID&nbsp ...

References

CWE-787https://support.apple.com/en-us/HT213414https://support.apple.com/en-us/HT213412https://support.apple.com/en-us/HT213413http://www.openwall.com/lists/oss-security/2022/08/25/5http://www.openwall.com/lists/oss-security/2022/08/26/2https://www.debian.org/security/2022/dsa-5219https://www.debian.org/security/2022/dsa-5220http://www.openwall.com/lists/oss-security/2022/08/29/1http://www.openwall.com/lists/oss-security/2022/08/29/2https://lists.debian.org/debian-lts-announce/2022/08/msg00019.htmlhttps://security.gentoo.org/glsa/202208-39http://seclists.org/fulldisclosure/2022/Aug/16http://www.openwall.com/lists/oss-security/2022/09/02/10http://www.openwall.com/lists/oss-security/2022/09/13/1http://seclists.org/fulldisclosure/2022/Oct/49https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7SETAAXEPGNBMYKTUDFEZHS5LGSQ64QL/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YKJGV2EXVMYQW3OAJNI4WUTKKVMD2YYK/https://access.redhat.com/errata/RHSA-2022:6634https://nvd.nist.govhttps://www.debian.org/security/2022/dsa-5219
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook