About the security content of macOS Big Sur 11.6.8

2022-07-20T00:00:00

Description

# About the security content of macOS Big Sur 11.6.8 This document describes the security content of macOS Big Sur 11.6.8. ## About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page. Apple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible. For more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page. ![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png) ## macOS Big Sur 11.6.8 Released July 20, 2022 **APFS** Available for: macOS Big Sur Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32832: Tommy Muir (@Muirey03) **AppleMobileFileIntegrity** Available for: macOS Big Sur Impact: An app may be able to gain root privileges Description: An authorization issue was addressed with improved state management. CVE-2022-32826: Mickey Jin (@patch1t) of Trend Micro **AppleScript** Available for: macOS Big Sur Impact: Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory Description: This issue was addressed with improved checks. CVE-2022-32797: Mickey Jin (@patch1t), Ye Zhang (@co0py_Cat) of Baidu Security, Mickey Jin (@patch1t) of Trend Micro **AppleScript** Available for: macOS Big Sur Impact: Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2022-32853: Ye Zhang (@co0py_Cat) of Baidu Security CVE-2022-32851: Ye Zhang (@co0py_Cat) of Baidu Security **AppleScript** Available for: macOS Big Sur Impact: Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory Description: An out-of-bounds read issue was addressed with improved bounds checking. CVE-2022-32831: Ye Zhang (@co0py_Cat) of Baidu Security **Archive Utility** Available for: macOS Big Sur Impact: An archive may be able to bypass Gatekeeper Description: A logic issue was addressed with improved checks. CVE-2022-32910: Ferdous Saljooki (@malwarezoo) of Jamf Software Entry added October 4, 2022 **Audio** Available for: macOS Big Sur Impact: An app may be able to disclose kernel memory Description: The issue was addressed with improved memory handling. CVE-2022-32825: John Aakerblom (@jaakerblom) **Audio** Available for: macOS Big Sur Impact: An app may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2022-32820: an anonymous researcher **Calendar** Available for: macOS Big Sur Impact: An app may be able to access sensitive user information Description: The issue was addressed with improved handling of caches. CVE-2022-32805: Csaba Fitzl (@theevilbit) of Offensive Security **Calendar** Available for: macOS Big Sur Impact: An app may be able to access user-sensitive data Description: An information disclosure issue was addressed by removing the vulnerable code. CVE-2022-32849: Joshua Jones **CoreText** Available for: macOS Big Sur Impact: A remote user may cause an unexpected app termination or arbitrary code execution Description: The issue was addressed with improved bounds checks. CVE-2022-32839: STAR Labs (@starlabs_sg) **FaceTime** Available for: macOS Big Sur Impact: An app with root privileges may be able to access private information Description: This issue was addressed by enabling hardened runtime. CVE-2022-32781: Wojciech Reguła (@_r3ggi) of SecuRing **File System Events** Available for: macOS Big Sur Impact: An app may be able to gain root privileges Description: A logic issue was addressed with improved state management. CVE-2022-32819: Joshua Mason of Mandiant **ICU** Available for: macOS Big Sur Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-32787: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ. **ImageIO** Available for: macOS Big Sur Impact: Processing an image may lead to a denial-of-service Description: A null pointer dereference was addressed with improved validation. CVE-2022-32785: Yiğit Can YILMAZ (@yilmazcanyigit) **Intel Graphics Driver** Available for: macOS Big Sur Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32812: Yinyi Wu (@3ndy1), ABC Research s.r.o. **Intel Graphics Driver** Available for: macOS Big Sur Impact: An app may be able to execute arbitrary code with kernel privileges Description: A memory corruption vulnerability was addressed with improved locking. CVE-2022-32811: ABC Research s.r.o **Kernel** Available for: macOS Big Sur Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32815: Xinru Chi of Pangu Lab CVE-2022-32813: Xinru Chi of Pangu Lab **libxml2** Available for: macOS Big Sur Impact: An app may be able to leak sensitive user information Description: A memory initialization issue was addressed with improved memory handling. CVE-2022-32823 **Multi-Touch** Available for: macOS Big Sur Impact: An app may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved validation. CVE-2022-32814: Pan ZhenPeng(@Peterpan0927) Entry added November 9, 2022 **Multi-Touch** Available for: macOS Big Sur Impact: An app may be able to execute arbitrary code with kernel privileges Description: A type confusion issue was addressed with improved state handling. CVE-2022-32814: Pan ZhenPeng(@Peterpan0927) Entry added November 9, 2022 **PackageKit** Available for: macOS Big Sur Impact: An app may be able to modify protected parts of the file system Description: An issue in the handling of environment variables was addressed with improved validation. CVE-2022-32786: Mickey Jin (@patch1t) **PackageKit** Available for: macOS Big Sur Impact: An app may be able to modify protected parts of the file system Description: This issue was addressed with improved checks. CVE-2022-32800: Mickey Jin (@patch1t) **PluginKit** Available for: macOS Big Sur Impact: An app may be able to read arbitrary files Description: A logic issue was addressed with improved state management. CVE-2022-32838: Mickey Jin (@patch1t) of Trend Micro **PS Normalizer** Available for: macOS Big Sur Impact: Processing a maliciously crafted Postscript file may result in unexpected app termination or disclosure of process memory Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-32843: Kai Lu of Zscaler's ThreatLabz **Software Update** Available for: macOS Big Sur Impact: A user in a privileged network position can track a user’s activity Description: This issue was addressed by using HTTPS when sending information over the network. CVE-2022-32857: Jeffrey Paul (sneak.berlin) **Spindump** Available for: macOS Big Sur Impact: An app may be able to overwrite arbitrary files Description: This issue was addressed with improved file handling. CVE-2022-32807: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab **Spotlight** Available for: macOS Big Sur Impact: An app may be able to gain elevated privileges Description: A validation issue in the handling of symlinks was addressed with improved validation of symlinks. CVE-2022-26704: Joshua Mason of Mandiant **TCC** Available for: macOS Big Sur Impact: An app may be able to access sensitive user information Description: An access issue was addressed with improvements to the sandbox. CVE-2022-32834: Xuxiang Yang (@another1024) of Tencent Security Xuanwu Lab (xlab.tencent.com), Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com), Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com) Entry updated September 16, 2022 **Vim** Available for: macOS Big Sur Impact: Multiple issues in Vim Description: Multiple issues were addressed by updating Vim. CVE-2022-0156 CVE-2022-0158 **Wi-Fi** Available for: macOS Big Sur Impact: An app may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write was addressed with improved input validation. CVE-2022-32860: Wang Yu of Cyberserval Entry added November 9, 2022 **Wi-Fi** Available for: macOS Big Sur Impact: A remote user may be able to cause unexpected system termination or corrupt kernel memory Description: This issue was addressed with improved checks. CVE-2022-32847: Wang Yu of Cyberserval **Windows Server** Available for: macOS Big Sur Impact: An app may be able to capture a user’s screen Description: A logic issue was addressed with improved checks. CVE-2022-32848: Jeremy Legendre of MacEnhance ![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png) ## Additional recognition **Calendar** We would like to acknowledge Joshua Jones for their assistance. Entry added November 9, 2022 ![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png) Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information. Published Date: November 09, 2022

Affected Software

CPE Name	Name	Version
	macos big sur	11.6.8

{"id": "APPLE:AC49D86768B40C9859AF7DC3073E5DAF", "vendorId": null, "type": "apple", "bulletinFamily": "software", "title": "About the security content of macOS Big Sur 11.6.8", "description": "# About the security content of macOS Big Sur 11.6.8\n\nThis document describes the security content of macOS Big Sur 11.6.8.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## macOS Big Sur 11.6.8\n\nReleased July 20, 2022\n\n**APFS**\n\nAvailable for: macOS Big Sur\n\nImpact: An app with root privileges may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32832: Tommy Muir (@Muirey03)\n\n**AppleMobileFileIntegrity**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to gain root privileges\n\nDescription: An authorization issue was addressed with improved state management.\n\nCVE-2022-32826: Mickey Jin (@patch1t) of Trend Micro\n\n**AppleScript**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32797: Mickey Jin (@patch1t), Ye Zhang (@co0py_Cat) of Baidu Security, Mickey Jin (@patch1t) of Trend Micro\n\n**AppleScript**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory\n\nDescription: An out-of-bounds read issue was addressed with improved input validation.\n\nCVE-2022-32853: Ye Zhang (@co0py_Cat) of Baidu Security\n\nCVE-2022-32851: Ye Zhang (@co0py_Cat) of Baidu Security\n\n**AppleScript**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory\n\nDescription: An out-of-bounds read issue was addressed with improved bounds checking.\n\nCVE-2022-32831: Ye Zhang (@co0py_Cat) of Baidu Security\n\n**Archive Utility**\n\nAvailable for: macOS Big Sur\n\nImpact: An archive may be able to bypass Gatekeeper\n\nDescription: A logic issue was addressed with improved checks.\n\nCVE-2022-32910: Ferdous Saljooki (@malwarezoo) of Jamf Software\n\nEntry added October 4, 2022\n\n**Audio**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32825: John Aakerblom (@jaakerblom)\n\n**Audio**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds write issue was addressed with improved input validation.\n\nCVE-2022-32820: an anonymous researcher\n\n**Calendar**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to access sensitive user information\n\nDescription: The issue was addressed with improved handling of caches.\n\nCVE-2022-32805: Csaba Fitzl (@theevilbit) of Offensive Security\n\n**Calendar**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: An information disclosure issue was addressed by removing the vulnerable code.\n\nCVE-2022-32849: Joshua Jones\n\n**CoreText**\n\nAvailable for: macOS Big Sur\n\nImpact: A remote user may cause an unexpected app termination or arbitrary code execution\n\nDescription: The issue was addressed with improved bounds checks.\n\nCVE-2022-32839: STAR Labs (@starlabs_sg)\n\n**FaceTime**\n\nAvailable for: macOS Big Sur\n\nImpact: An app with root privileges may be able to access private information\n\nDescription: This issue was addressed by enabling hardened runtime.\n\nCVE-2022-32781: Wojciech Regu\u0142a (@_r3ggi) of SecuRing\n\n**File System Events**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to gain root privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32819: Joshua Mason of Mandiant\n\n**ICU**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-32787: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ.\n\n**ImageIO**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing an image may lead to a denial-of-service\n\nDescription: A null pointer dereference was addressed with improved validation.\n\nCVE-2022-32785: Yi\u011fit Can YILMAZ (@yilmazcanyigit)\n\n**Intel Graphics Driver**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32812: Yinyi Wu (@3ndy1), ABC Research s.r.o.\n\n**Intel Graphics Driver**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption vulnerability was addressed with improved locking.\n\nCVE-2022-32811: ABC Research s.r.o\n\n**Kernel**\n\nAvailable for: macOS Big Sur\n\nImpact: An app with root privileges may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32815: Xinru Chi of Pangu Lab\n\nCVE-2022-32813: Xinru Chi of Pangu Lab\n\n**libxml2**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to leak sensitive user information\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2022-32823\n\n**Multi-Touch**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2022-32814: Pan ZhenPeng(@Peterpan0927)\n\nEntry added November 9, 2022\n\n**Multi-Touch**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A type confusion issue was addressed with improved state handling.\n\nCVE-2022-32814: Pan ZhenPeng(@Peterpan0927)\n\nEntry added November 9, 2022\n\n**PackageKit**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to modify protected parts of the file system\n\nDescription: An issue in the handling of environment variables was addressed with improved validation.\n\nCVE-2022-32786: Mickey Jin (@patch1t)\n\n**PackageKit**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to modify protected parts of the file system\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32800: Mickey Jin (@patch1t)\n\n**PluginKit**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to read arbitrary files\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32838: Mickey Jin (@patch1t) of Trend Micro\n\n**PS Normalizer**\n\nAvailable for: macOS Big Sur\n\nImpact: Processing a maliciously crafted Postscript file may result in unexpected app termination or disclosure of process memory\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-32843: Kai Lu of Zscaler's ThreatLabz\n\n**Software Update**\n\nAvailable for: macOS Big Sur\n\nImpact: A user in a privileged network position can track a user\u2019s activity\n\nDescription: This issue was addressed by using HTTPS when sending information over the network.\n\nCVE-2022-32857: Jeffrey Paul (sneak.berlin)\n\n**Spindump**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to overwrite arbitrary files\n\nDescription: This issue was addressed with improved file handling.\n\nCVE-2022-32807: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab\n\n**Spotlight**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to gain elevated privileges\n\nDescription: A validation issue in the handling of symlinks was addressed with improved validation of symlinks.\n\nCVE-2022-26704: Joshua Mason of Mandiant\n\n**TCC**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to access sensitive user information\n\nDescription: An access issue was addressed with improvements to the sandbox.\n\nCVE-2022-32834: Xuxiang Yang (@another1024) of Tencent Security Xuanwu Lab (xlab.tencent.com), Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com), Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)\n\nEntry updated September 16, 2022\n\n**Vim**\n\nAvailable for: macOS Big Sur\n\nImpact: Multiple issues in Vim\n\nDescription: Multiple issues were addressed by updating Vim.\n\nCVE-2022-0156\n\nCVE-2022-0158\n\n**Wi-Fi**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds write was addressed with improved input validation.\n\nCVE-2022-32860: Wang Yu of Cyberserval\n\nEntry added November 9, 2022\n\n**Wi-Fi**\n\nAvailable for: macOS Big Sur\n\nImpact: A remote user may be able to cause unexpected system termination or corrupt kernel memory\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32847: Wang Yu of Cyberserval\n\n**Windows Server**\n\nAvailable for: macOS Big Sur\n\nImpact: An app may be able to capture a user\u2019s screen\n\nDescription: A logic issue was addressed with improved checks.\n\nCVE-2022-32848: Jeremy Legendre of MacEnhance\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**Calendar**\n\nWe would like to acknowledge Joshua Jones for their assistance.\n\nEntry added November 9, 2022\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: November 09, 2022\n", "published": "2022-07-20T00:00:00", "modified": "2022-07-20T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 6.8}, "severity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://support.apple.com/kb/HT213344", "reporter": "Apple", "references": ["https://support.apple.com/en-us/HT201222"], "cvelist": ["CVE-2022-0156", "CVE-2022-0158", "CVE-2022-26704", "CVE-2022-32781", "CVE-2022-32785", "CVE-2022-32786", "CVE-2022-32787", "CVE-2022-32797", "CVE-2022-32800", "CVE-2022-32805", "CVE-2022-32807", "CVE-2022-32811", "CVE-2022-32812", "CVE-2022-32813", "CVE-2022-32814", "CVE-2022-32815", "CVE-2022-32819", "CVE-2022-32820", "CVE-2022-32823", "CVE-2022-32825", "CVE-2022-32826", "CVE-2022-32831", "CVE-2022-32832", "CVE-2022-32834", "CVE-2022-32838", "CVE-2022-32839", "CVE-2022-32843", "CVE-2022-32847", "CVE-2022-32848", "CVE-2022-32849", "CVE-2022-32851", "CVE-2022-32853", "CVE-2022-32857", "CVE-2022-32860", "CVE-2022-32910"], "immutableFields": [], "lastseen": "2022-11-09T21:58:49", "viewCount": 90, "enchantments": {"affected_software": {"major_version": [{"name": "macos big sur", "version": 11}]}, "affected_software_major_version": [{"name": "macos big sur", "version": 11}], "dependencies": {"references": [{"type": "alpinelinux", "idList": ["ALPINE:CVE-2022-0156", "ALPINE:CVE-2022-0158"]}, {"type": "amazon", "idList": ["ALAS-2022-1567", "ALAS2-2022-1751"]}, {"type": "apple", "idList": ["APPLE:138DC64ECE1F07104C6EF7D22CA29AAF", "APPLE:315A0A489FE54A17BA14F0B62D49D716", "APPLE:36D1157BC66453E0491C66ACBF433EE9", "APPLE:525A1C81291F8006179082509655B7D2", "APPLE:71C798D0F46D1E956B1D27B4A004E9B9", "APPLE:A95E7412240FFF6EACC98CE0311A5EE5", "APPLE:C9EF751487C406A634B9CBD013ECD410", "APPLE:DF68F7FFE1ED4E5157204A83619C4B89", "APPLE:E82A2A3D978FD519CBF58A36F587B070"]}, {"type": "cnvd", "idList": ["CNVD-2022-03942", "CNVD-2022-05043"]}, {"type": "cve", "idList": ["CVE-2022-0156", "CVE-2022-0158", "CVE-2022-26704", "CVE-2022-32781", "CVE-2022-32785", "CVE-2022-32786", "CVE-2022-32787", "CVE-2022-32797", "CVE-2022-32800", "CVE-2022-32805", "CVE-2022-32807", "CVE-2022-32811", "CVE-2022-32812", "CVE-2022-32813", "CVE-2022-32814", "CVE-2022-32815", "CVE-2022-32819", "CVE-2022-32820", "CVE-2022-32823", "CVE-2022-32825", "CVE-2022-32826", "CVE-2022-32831", "CVE-2022-32832", "CVE-2022-32834", "CVE-2022-32838", "CVE-2022-32839", "CVE-2022-32843", "CVE-2022-32847", "CVE-2022-32848", "CVE-2022-32849", "CVE-2022-32851", "CVE-2022-32853", "CVE-2022-32857", "CVE-2022-32910"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2022-0156", "DEBIANCVE:CVE-2022-0158"]}, {"type": "fedora", "idList": ["FEDORA:1270B3084039", "FEDORA:24C9A3192282"]}, {"type": "gentoo", "idList": ["GLSA-202208-32"]}, {"type": "githubexploit", "idList": ["37393B8B-A626-5459-AD36-69EB66654B35", "84E2D1AF-A777-566C-B293-27ED87F2C35C"]}, {"type": "huntr", "idList": ["47DDED34-3767-4725-8C7C-9DCB68C70B36", "AC5D7005-07C6-4A0A-B251-BA9CDBF6738B"]}, {"type": "mageia", "idList": ["MGASA-2022-0023"]}, {"type": "nessus", "idList": ["AL2_ALAS-2022-1751.NASL", "ALA_ALAS-2022-1567.NASL", "APPLE_IOS_156_CHECK.NBIN", "GENTOO_GLSA-202208-32.NASL", "MACOS_HT213183.NASL", "MACOS_HT213257.NASL", "MACOS_HT213343.NASL", "MACOS_HT213344.NASL", "MACOS_HT213345.NASL"]}, {"type": "photon", "idList": ["PHSA-2022-0161", "PHSA-2022-0380", "PHSA-2022-0466"]}, {"type": "redhatcve", "idList": ["RH:CVE-2022-0156", "RH:CVE-2022-0158"]}, {"type": "thn", "idList": ["THN:80C4CCCAB293DD273948D1317EAC8B73", "THN:D49EB15A8EC646123A52948B0E3A1F24"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-4173", "UB:CVE-2022-0156", "UB:CVE-2022-0158"]}, {"type": "veracode", "idList": ["VERACODE:33824", "VERACODE:33825"]}, {"type": "zdi", "idList": ["ZDI-22-1130"]}]}, "score": {"value": 0.3, "vector": "NONE"}, "vulnersScore": 0.3}, "_state": {"affected_software_major_version": 1668033010, "dependencies": 1668031192, "score": 1668031454}, "_internal": {"score_hash": "7c2a0f276582af9f7b8760822c1a3a6d"}, "affectedSoftware": [{"version": "11.6.8", "operator": "lt", "name": "macos big sur"}]}

{"nessus": [{"lastseen": "2023-01-26T04:17:14", "description": "The remote host is running a version of macOS / Mac OS X that is 11.x prior to 11.6.8 Big Sur. It is, therefore, affected by multiple vulnerabilities :\n\n - An out-of-bounds write issue vulnerability may lead to arbitrary code execution. (CVE-2022-32787)\n\n - Exploitation of this vulnerability may lead to arbitrary code execution with kernel privileges. (CVE-2022-32812)\n\n - Exploitation of this vulnerability may lead to access of sensitive user information. (CVE-2022-32834) \n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-19T00:00:00", "type": "nessus", "title": "macOS 11.x < 11.6.8 (HT213344)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0156", "CVE-2022-0158", "CVE-2022-26704", "CVE-2022-32781", "CVE-2022-32785", "CVE-2022-32786", "CVE-2022-32787", "CVE-2022-32797", "CVE-2022-32800", "CVE-2022-32805", "CVE-2022-32807", "CVE-2022-32811", "CVE-2022-32812", "CVE-2022-32813", "CVE-2022-32815", "CVE-2022-32819", "CVE-2022-32820", "CVE-2022-32823", "CVE-2022-32825", "CVE-2022-32826", "CVE-2022-32831", "CVE-2022-32832", "CVE-2022-32834", "CVE-2022-32838", "CVE-2022-32839", "CVE-2022-32843", "CVE-2022-32847", "CVE-2022-32848", "CVE-2022-32849", "CVE-2022-32851", "CVE-2022-32853", "CVE-2022-32857"], "modified": "2022-12-15T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x", "cpe:/o:apple:macos"], "id": "MACOS_HT213344.NASL", "href": "https://www.tenable.com/plugins/nessus/164292", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164292);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/15\");\n\n script_cve_id(\n \"CVE-2022-0156\",\n \"CVE-2022-0158\",\n \"CVE-2022-26704\",\n \"CVE-2022-32781\",\n \"CVE-2022-32785\",\n \"CVE-2022-32786\",\n \"CVE-2022-32787\",\n \"CVE-2022-32797\",\n \"CVE-2022-32800\",\n \"CVE-2022-32805\",\n \"CVE-2022-32807\",\n \"CVE-2022-32811\",\n \"CVE-2022-32812\",\n \"CVE-2022-32813\",\n \"CVE-2022-32815\",\n \"CVE-2022-32819\",\n \"CVE-2022-32820\",\n \"CVE-2022-32823\",\n \"CVE-2022-32825\",\n \"CVE-2022-32826\",\n \"CVE-2022-32831\",\n \"CVE-2022-32832\",\n \"CVE-2022-32834\",\n \"CVE-2022-32838\",\n \"CVE-2022-32839\",\n \"CVE-2022-32843\",\n \"CVE-2022-32847\",\n \"CVE-2022-32848\",\n \"CVE-2022-32849\",\n \"CVE-2022-32851\",\n \"CVE-2022-32853\",\n \"CVE-2022-32857\"\n );\n script_xref(name:\"APPLE-SA\", value:\"HT213344\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2022-07-20\");\n script_xref(name:\"IAVA\", value:\"2022-A-0295-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0442-S\");\n\n script_name(english:\"macOS 11.x < 11.6.8 (HT213344)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a macOS or Mac OS X security update or supplemental update that fixes multiple\nvulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of macOS / Mac OS X that is 11.x prior to 11.6.8 Big Sur. It is, therefore, \naffected by multiple vulnerabilities :\n\n - An out-of-bounds write issue vulnerability may lead to arbitrary code execution. (CVE-2022-32787)\n\n - Exploitation of this vulnerability may lead to arbitrary code execution with kernel privileges. (CVE-2022-32812)\n\n - Exploitation of this vulnerability may lead to access of sensitive user information. (CVE-2022-32834) \n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported\nversion number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-gb/HT213344\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to macOS 11.6.8 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-26704\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-32839\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/07/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:macos\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_ports(\"Host/MacOSX/Version\", \"Host/local_checks_enabled\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\ninclude('vcf_extras_apple.inc');\n\nvar app_info = vcf::apple::macos::get_app_info();\nvar constraints = [{ 'min_version' : '11.0', 'fixed_version' : '11.6.6', 'fixed_display' : 'macOS Big Sur 11.6.6' }];\n\nvcf::apple::macos::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_WARNING\n);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-10T19:27:21", "description": "The remote host is running a version of macOS / Mac OS X that is 0.0.x prior to Catalina Security Update 2022-005 Catalina. It is, therefore, affected by multiple vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-4136)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4166, CVE-2021-4193, CVE-2022-0128)\n\n - vim is vulnerable to Use After Free (CVE-2021-4173, CVE-2021-4187, CVE-2021-4192)\n\n - A validation issue existed in the handling of symlinks and was addressed with improved validation of symlinks. This issue is fixed in macOS Monterey 12.4. An app may be able to gain elevated privileges.\n (CVE-2022-26704)\n\n - An issue in FaceTime was addressed by enabling hardened runtime. (CVE-2022-32781)\n\n - A null pointer dereference in ImageIO was addressed with improved validation. (CVE-2022-32785)\n\n - An issue in the handling of environment variables in PackageKitwas addressed with improved validation.\n (CVE-2022-32786)\n\n - An out-of-bounds write issue in the ICU library was addressed with improved bounds checking.\n (CVE-2022-32787, CVE-2022-32843)\n\n - Several issues in AppleScript were addressed with improved checks.\n (CVE-2022-32797, CVE-2022-32800, CVE-2022-32847)\n\n - An out-of-bounds read issue in SMB was addressed with improved bounds checking. (CVE-2022-32799)\n\n - An issue in the Calendar app was addressed with improved handling of caches. (CVE-2022-32805)\n\n - An issue in Spindump addressed with improved file handling. (CVE-2022-32807)\n\n - A memory corruption vulnerability in the Intel graphics driver was addressed with improved locking.\n (CVE-2022-32811)\n\n - Issues in the kernel were addressed with improved memory handling. (CVE-2022-32812, CVE-2022-32813, CVE-2022-32815, CVE-2022-32832)\n\n - A logic issue was addressed with improved state management. (CVE-2022-32819, CVE-2022-32838)\n\n - An out-of-bounds write issue was addressed with improved input validation. (CVE-2022-32820)\n\n - A memory initialization in libxml2 issue was addressed with improved memory handling. (CVE-2022-32823)\n\n - An authorization issue in AppleMobileFileIntegrity was addressed with improved state management. (CVE-2022-32826)\n\n - An out-of-bounds read was addressed with improved bounds checking. (CVE-2022-32831)\n\n - An access issue was addressed with improvements to the sandbox. (CVE-2022-32834)\n\n - The issue was addressed with improved bounds checks. (CVE-2022-32839)\n\n - An out-of-bounds read issue in AppleScript was addressed with improved input validation. (CVE-2022-32842, CVE-2022-32851, CVE-2022-32853)\n\n - An information disclosure issue in the Calendar app was addressed by removing the vulnerable code.\n (CVE-2022-32849)\n\n - This issue was addressed by using HTTPS when sending information over the network. (CVE-2022-32857)\n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-07-22T00:00:00", "type": "nessus", "title": "macOS 10.15.x < Catalina Security Update 2022-005 Catalina (HT213343)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4136", "CVE-2021-4166", "CVE-2021-4173", "CVE-2021-4187", "CVE-2021-4192", "CVE-2021-4193", "CVE-2022-0128", "CVE-2022-26704", "CVE-2022-32781", "CVE-2022-32785", "CVE-2022-32786", "CVE-2022-32787", "CVE-2022-32797", "CVE-2022-32799", "CVE-2022-32800", "CVE-2022-32805", "CVE-2022-32807", "CVE-2022-32811", "CVE-2022-32812", "CVE-2022-32813", "CVE-2022-32815", "CVE-2022-32819", "CVE-2022-32820", "CVE-2022-32823", "CVE-2022-32826", "CVE-2022-32831", "CVE-2022-32832", "CVE-2022-32834", "CVE-2022-32838", "CVE-2022-32839", "CVE-2022-32842", "CVE-2022-32843", "CVE-2022-32847", "CVE-2022-32849", "CVE-2022-32851", "CVE-2022-32853", "CVE-2022-32857"], "modified": "2022-12-15T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x", "cpe:/o:apple:macos"], "id": "MACOS_HT213343.NASL", "href": "https://www.tenable.com/plugins/nessus/163394", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163394);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/15\");\n\n script_cve_id(\n \"CVE-2021-4136\",\n \"CVE-2021-4166\",\n \"CVE-2021-4173\",\n \"CVE-2021-4187\",\n \"CVE-2021-4192\",\n \"CVE-2021-4193\",\n \"CVE-2022-0128\",\n \"CVE-2022-26704\",\n \"CVE-2022-32781\",\n \"CVE-2022-32785\",\n \"CVE-2022-32786\",\n \"CVE-2022-32787\",\n \"CVE-2022-32797\",\n \"CVE-2022-32799\",\n \"CVE-2022-32800\",\n \"CVE-2022-32805\",\n \"CVE-2022-32807\",\n \"CVE-2022-32811\",\n \"CVE-2022-32812\",\n \"CVE-2022-32813\",\n \"CVE-2022-32815\",\n \"CVE-2022-32819\",\n \"CVE-2022-32820\",\n \"CVE-2022-32823\",\n \"CVE-2022-32826\",\n \"CVE-2022-32831\",\n \"CVE-2022-32832\",\n \"CVE-2022-32834\",\n \"CVE-2022-32838\",\n \"CVE-2022-32839\",\n \"CVE-2022-32842\",\n \"CVE-2022-32843\",\n \"CVE-2022-32847\",\n \"CVE-2022-32849\",\n \"CVE-2022-32851\",\n \"CVE-2022-32853\",\n \"CVE-2022-32857\"\n );\n script_xref(name:\"APPLE-SA\", value:\"HT213343\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2022-07-20\");\n script_xref(name:\"IAVA\", value:\"2022-A-0294-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0442-S\");\n\n script_name(english:\"macOS 10.15.x < Catalina Security Update 2022-005 Catalina (HT213343)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a macOS or Mac OS X security update or supplemental update that fixes multiple\nvulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of macOS / Mac OS X that is 0.0.x prior to Catalina Security Update 2022-005\nCatalina. It is, therefore, affected by multiple vulnerabilities :\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-4136)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4166, CVE-2021-4193, CVE-2022-0128)\n\n - vim is vulnerable to Use After Free (CVE-2021-4173, CVE-2021-4187, CVE-2021-4192)\n\n - A validation issue existed in the handling of symlinks and was addressed with improved validation of\n symlinks. This issue is fixed in macOS Monterey 12.4. An app may be able to gain elevated privileges.\n (CVE-2022-26704)\n\n - An issue in FaceTime was addressed by enabling hardened runtime. (CVE-2022-32781)\n\n - A null pointer dereference in ImageIO was addressed with improved validation. (CVE-2022-32785)\n\n - An issue in the handling of environment variables in PackageKitwas addressed with improved validation.\n (CVE-2022-32786)\n\n - An out-of-bounds write issue in the ICU library was addressed with improved bounds checking.\n (CVE-2022-32787, CVE-2022-32843)\n\n - Several issues in AppleScript were addressed with improved checks.\n (CVE-2022-32797, CVE-2022-32800, CVE-2022-32847)\n\n - An out-of-bounds read issue in SMB was addressed with improved bounds checking. (CVE-2022-32799)\n\n - An issue in the Calendar app was addressed with improved handling of caches. (CVE-2022-32805)\n\n - An issue in Spindump addressed with improved file handling. (CVE-2022-32807)\n\n - A memory corruption vulnerability in the Intel graphics driver was addressed with improved locking.\n (CVE-2022-32811)\n\n - Issues in the kernel were addressed with improved memory handling. (CVE-2022-32812, CVE-2022-32813, CVE-2022-32815,\n CVE-2022-32832)\n\n - A logic issue was addressed with improved state management. (CVE-2022-32819, CVE-2022-32838)\n\n - An out-of-bounds write issue was addressed with improved input validation. (CVE-2022-32820)\n\n - A memory initialization in libxml2 issue was addressed with improved memory handling. (CVE-2022-32823)\n\n - An authorization issue in AppleMobileFileIntegrity was addressed with improved state management. (CVE-2022-32826)\n\n - An out-of-bounds read was addressed with improved bounds checking. (CVE-2022-32831)\n\n - An access issue was addressed with improvements to the sandbox. (CVE-2022-32834)\n\n - The issue was addressed with improved bounds checks. (CVE-2022-32839)\n\n - An out-of-bounds read issue in AppleScript was addressed with improved input validation. (CVE-2022-32842,\n CVE-2022-32851, CVE-2022-32853)\n\n - An information disclosure issue in the Calendar app was addressed by removing the vulnerable code.\n (CVE-2022-32849)\n\n - This issue was addressed by using HTTPS when sending information over the network. (CVE-2022-32857)\n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported\nversion number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT213343\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to macOS 10.15.x < Catalina Security Update 2022-005 Catalina or later\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-26704\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-32839\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:macos\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_ports(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\ninclude('vcf_extras_apple.inc');\n\nvar app_info = vcf::apple::macos::get_app_info();\n\nvar constraints = [\n {\n 'min_version' : '10.15',\n 'max_version' : '10.15.7',\n 'fixed_build' : '19H2026',\n 'fixed_display' : 'Catalina 10.15.7 Security Update 2022-005'\n }\n];\nvcf::apple::macos::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T04:28:51", "description": "The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.5 Monterey. It is, therefore, affected by multiple vulnerabilities :\n\n - Exploitation of this vulnerability may lead to memory corruption issue. (CVE-2022-32787)\n\n - Exploitation of this vulnerability may to disclose kernel memory. (CVE-2022-32793)\n\n - Exploitation of this vulnerability may lead to gain elevated privileges. (CVE-2022-32798)\n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-08-19T00:00:00", "type": "nessus", "title": "macOS 12.x < 12.5 (HT213345)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28544", "CVE-2022-2294", "CVE-2022-24070", "CVE-2022-26981", "CVE-2022-29046", "CVE-2022-29048", "CVE-2022-32785", "CVE-2022-32786", "CVE-2022-32787", "CVE-2022-32789", "CVE-2022-32792", "CVE-2022-32793", "CVE-2022-32796", "CVE-2022-32797", "CVE-2022-32798", "CVE-2022-32799", "CVE-2022-32800", "CVE-2022-32801", "CVE-2022-32805", "CVE-2022-32807", "CVE-2022-32810", "CVE-2022-32811", "CVE-2022-32812", "CVE-2022-32813", "CVE-2022-32814", "CVE-2022-32815", "CVE-2022-32816", "CVE-2022-32817", "CVE-2022-32818", "CVE-2022-32819", "CVE-2022-32820", "CVE-2022-32821", "CVE-2022-32823", "CVE-2022-32825", "CVE-2022-32826", "CVE-2022-32828", "CVE-2022-32829", "CVE-2022-32831", "CVE-2022-32832", "CVE-2022-32834", "CVE-2022-32837", "CVE-2022-32838", "CVE-2022-32839", "CVE-2022-32840", "CVE-2022-32841", "CVE-2022-32842", "CVE-2022-32843", "CVE-2022-32845", "CVE-2022-32847", "CVE-2022-32848", "CVE-2022-32849", "CVE-2022-32851", "CVE-2022-32852", "CVE-2022-32853", "CVE-2022-32857"], "modified": "2022-12-15T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x", "cpe:/o:apple:macos"], "id": "MACOS_HT213345.NASL", "href": "https://www.tenable.com/plugins/nessus/164291", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164291);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/15\");\n\n script_cve_id(\n \"CVE-2021-28544\",\n \"CVE-2022-2294\",\n \"CVE-2022-24070\",\n \"CVE-2022-26981\",\n \"CVE-2022-29046\",\n \"CVE-2022-29048\",\n \"CVE-2022-32785\",\n \"CVE-2022-32786\",\n \"CVE-2022-32787\",\n \"CVE-2022-32789\",\n \"CVE-2022-32792\",\n \"CVE-2022-32793\",\n \"CVE-2022-32796\",\n \"CVE-2022-32797\",\n \"CVE-2022-32798\",\n \"CVE-2022-32799\",\n \"CVE-2022-32800\",\n \"CVE-2022-32801\",\n \"CVE-2022-32805\",\n \"CVE-2022-32807\",\n \"CVE-2022-32810\",\n \"CVE-2022-32811\",\n \"CVE-2022-32812\",\n \"CVE-2022-32813\",\n \"CVE-2022-32814\",\n \"CVE-2022-32815\",\n \"CVE-2022-32816\",\n \"CVE-2022-32817\",\n \"CVE-2022-32818\",\n \"CVE-2022-32819\",\n \"CVE-2022-32820\",\n \"CVE-2022-32821\",\n \"CVE-2022-32823\",\n \"CVE-2022-32825\",\n \"CVE-2022-32826\",\n \"CVE-2022-32828\",\n \"CVE-2022-32829\",\n \"CVE-2022-32831\",\n \"CVE-2022-32832\",\n \"CVE-2022-32834\",\n \"CVE-2022-32837\",\n \"CVE-2022-32838\",\n \"CVE-2022-32839\",\n \"CVE-2022-32840\",\n \"CVE-2022-32841\",\n \"CVE-2022-32842\",\n \"CVE-2022-32843\",\n \"CVE-2022-32845\",\n \"CVE-2022-32847\",\n \"CVE-2022-32848\",\n \"CVE-2022-32849\",\n \"CVE-2022-32851\",\n \"CVE-2022-32852\",\n \"CVE-2022-32853\",\n \"CVE-2022-32857\"\n );\n script_xref(name:\"APPLE-SA\", value:\"HT213345\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2022-07-20\");\n script_xref(name:\"IAVA\", value:\"2022-A-0295-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0442-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/09/15\");\n\n script_name(english:\"macOS 12.x < 12.5 (HT213345)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a macOS or Mac OS X security update or supplemental update that fixes multiple\nvulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.5 Monterey. It is, therefore, \naffected by multiple vulnerabilities :\n\n - Exploitation of this vulnerability may lead to memory corruption issue. (CVE-2022-32787)\n\n - Exploitation of this vulnerability may to disclose kernel memory. (CVE-2022-32793)\n\n - Exploitation of this vulnerability may lead to gain elevated privileges. (CVE-2022-32798)\n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported\nversion number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-gb/HT213345\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to macOS 12.5 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-26981\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-32845\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/07/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:macos\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_ports(\"Host/MacOSX/Version\", \"Host/local_checks_enabled\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\ninclude('vcf_extras_apple.inc');\n\nvar app_info = vcf::apple::macos::get_app_info();\nvar constraints = [\n {\n 'min_version': '12.0', \n 'fixed_version': '12.5', \n 'fixed_display': 'macOS Monterey 12.5'\n }\n];\n\nvcf::apple::macos::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_WARNING\n);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-06T20:41:13", "description": "The version of Apple iOS running on the mobile device is prior to 15.6. It is, therefore, affected by multiple vulnerabilities, including the following:\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, watchOS 8.6, tvOS 15.5, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges. (CVE-2022-26768)\n\n - An out-of-bounds write issue was addressed with improved bounds checking. (CVE-2022-32787)\n\n - A buffer overflow was addressed with improved bounds checking. (CVE-2022-32788)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-07-22T00:00:00", "type": "nessus", "title": "Apple iOS < 15.6 Multiple Vulnerabilities (HT213346)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2294", "CVE-2022-26768", "CVE-2022-26981", "CVE-2022-32784", "CVE-2022-32785", "CVE-2022-32787", "CVE-2022-32788", "CVE-2022-32792", "CVE-2022-32793", "CVE-2022-32802", "CVE-2022-32810", "CVE-2022-32813", "CVE-2022-32814", "CVE-2022-32815", "CVE-2022-32816", "CVE-2022-32817", "CVE-2022-32819", "CVE-2022-32820", "CVE-2022-32821", "CVE-2022-32823", "CVE-2022-32824", "CVE-2022-32825", "CVE-2022-32826", "CVE-2022-32828", "CVE-2022-32829", "CVE-2022-32830", "CVE-2022-32832", "CVE-2022-32837", "CVE-2022-32838", "CVE-2022-32839", "CVE-2022-32840", "CVE-2022-32841", "CVE-2022-32844", "CVE-2022-32845", "CVE-2022-32847", "CVE-2022-32849", "CVE-2022-32855", "CVE-2022-32857"], "modified": "2023-02-06T00:00:00", "cpe": ["cpe:/o:apple:iphone_os"], "id": "APPLE_IOS_156_CHECK.NBIN", "href": "https://www.tenable.com/plugins/nessus/163395", "sourceData": "Binary data apple_ios_156_check.nbin", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-18T21:44:27", "description": "It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1567 advisory.\n\n - vim is vulnerable to Use After Free (CVE-2022-0156)\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2022-0158, CVE-2022-0213)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0261, CVE-2022-0359)\n\n - Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-19T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : vim (ALAS-2022-1567)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0156", "CVE-2022-0158", "CVE-2022-0213", "CVE-2022-0261", "CVE-2022-0318", "CVE-2022-0351", "CVE-2022-0359"], "modified": "2022-02-19T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:vim-common", "p-cpe:/a:amazon:linux:vim-data", "p-cpe:/a:amazon:linux:vim-debuginfo", "p-cpe:/a:amazon:linux:vim-enhanced", "p-cpe:/a:amazon:linux:vim-filesystem", "p-cpe:/a:amazon:linux:vim-minimal", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2022-1567.NASL", "href": "https://www.tenable.com/plugins/nessus/158195", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2022-1567.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158195);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/19\");\n\n script_cve_id(\n \"CVE-2022-0156\",\n \"CVE-2022-0158\",\n \"CVE-2022-0213\",\n \"CVE-2022-0261\",\n \"CVE-2022-0318\",\n \"CVE-2022-0351\",\n \"CVE-2022-0359\"\n );\n script_xref(name:\"ALAS\", value:\"2022-1567\");\n\n script_name(english:\"Amazon Linux AMI : vim (ALAS-2022-1567)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux AMI host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1567 advisory.\n\n - vim is vulnerable to Use After Free (CVE-2022-0156)\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2022-0158, CVE-2022-0213)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0261, CVE-2022-0359)\n\n - Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/ALAS-2022-1567.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0156.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0158.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0213.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0261.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0318.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0351.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0359.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update vim' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0318\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nvar os_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'vim-common-8.2.4314-1.1.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-8.2.4314-1.1.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-data-8.2.4314-1.1.amzn1', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debuginfo-8.2.4314-1.1.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debuginfo-8.2.4314-1.1.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-8.2.4314-1.1.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-8.2.4314-1.1.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-filesystem-8.2.4314-1.1.amzn1', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-8.2.4314-1.1.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-8.2.4314-1.1.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim-common / vim-data / vim-debuginfo / etc\");\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-19T00:25:57", "description": "It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1751 advisory.\n\n - vim is vulnerable to Use After Free (CVE-2022-0156)\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2022-0158, CVE-2022-0213)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0261, CVE-2022-0359)\n\n - Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-21T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : vim (ALAS-2022-1751)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0156", "CVE-2022-0158", "CVE-2022-0213", "CVE-2022-0261", "CVE-2022-0318", "CVE-2022-0351", "CVE-2022-0359"], "modified": "2022-02-21T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:vim-X11", "p-cpe:/a:amazon:linux:vim-common", "p-cpe:/a:amazon:linux:vim-data", "p-cpe:/a:amazon:linux:vim-debuginfo", "p-cpe:/a:amazon:linux:vim-enhanced", "p-cpe:/a:amazon:linux:vim-filesystem", "p-cpe:/a:amazon:linux:vim-minimal", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2022-1751.NASL", "href": "https://www.tenable.com/plugins/nessus/158211", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2022-1751.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158211);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/21\");\n\n script_cve_id(\n \"CVE-2022-0156\",\n \"CVE-2022-0158\",\n \"CVE-2022-0213\",\n \"CVE-2022-0261\",\n \"CVE-2022-0318\",\n \"CVE-2022-0351\",\n \"CVE-2022-0359\"\n );\n script_xref(name:\"ALAS\", value:\"2022-1751\");\n\n script_name(english:\"Amazon Linux 2 : vim (ALAS-2022-1751)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1751 advisory.\n\n - vim is vulnerable to Use After Free (CVE-2022-0156)\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2022-0158, CVE-2022-0213)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0261, CVE-2022-0359)\n\n - Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2022-1751.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0156.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0158.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0213.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0261.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0318.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0351.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0359.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update vim' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0318\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-X11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nvar os_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'vim-common-8.2.4314-1.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-8.2.4314-1.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-8.2.4314-1.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-data-8.2.4314-1.amzn2.0.1', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debuginfo-8.2.4314-1.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debuginfo-8.2.4314-1.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debuginfo-8.2.4314-1.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-8.2.4314-1.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-8.2.4314-1.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-8.2.4314-1.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-filesystem-8.2.4314-1.amzn2.0.1', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-8.2.4314-1.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-8.2.4314-1.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-8.2.4314-1.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-X11-8.2.4314-1.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-X11-8.2.4314-1.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-X11-8.2.4314-1.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim-X11 / vim-common / vim-data / etc\");\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-10T19:19:28", "description": "The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.3 Monterey. It is, therefore, affected by multiple vulnerabilities, including the following:\n - A use after free issue was addressed with improved memory management. Successful exploitation could result in arbitrary code execution with kernel privileges (CVE-2022-22614). \n\n - A logic issue was addressed with improved state management. Successful exploitation could result in privilege escalation (CVE-2022-22632).\n\n - A null pointer dereference was addressed with improved validation. Successful exploitation could result in a denial of service condition. (CVE-2022-22638).\n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-21T00:00:00", "type": "nessus", "title": "macOS 12.x < 12.3 (HT213183)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-22945", "CVE-2021-22946", "CVE-2021-22947", "CVE-2021-36976", "CVE-2021-4136", "CVE-2021-4166", "CVE-2021-4173", "CVE-2021-4187", "CVE-2021-4192", "CVE-2021-4193", "CVE-2021-46059", "CVE-2022-0128", "CVE-2022-0156", "CVE-2022-0158", "CVE-2022-22582", "CVE-2022-22597", "CVE-2022-22599", "CVE-2022-22600", "CVE-2022-22609", "CVE-2022-22610", "CVE-2022-22611", "CVE-2022-22612", "CVE-2022-22613", "CVE-2022-22614", "CVE-2022-22615", "CVE-2022-22616", "CVE-2022-22617", "CVE-2022-22621", "CVE-2022-22623", "CVE-2022-22624", "CVE-2022-22625", "CVE-2022-22626", "CVE-2022-22627", "CVE-2022-22628", "CVE-2022-22629", "CVE-2022-22631", "CVE-2022-22632", "CVE-2022-22633", "CVE-2022-22637", "CVE-2022-22638", "CVE-2022-22639", "CVE-2022-22640", "CVE-2022-22641", "CVE-2022-22643", "CVE-2022-22644", "CVE-2022-22647", "CVE-2022-22648", "CVE-2022-22650", "CVE-2022-22651", "CVE-2022-22656", "CVE-2022-22657", "CVE-2022-22660", "CVE-2022-22661", "CVE-2022-22662", "CVE-2022-22664", "CVE-2022-22665", "CVE-2022-22668", "CVE-2022-22669"], "modified": "2022-12-15T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x", "cpe:/o:apple:macos"], "id": "MACOS_HT213183.NASL", "href": "https://www.tenable.com/plugins/nessus/159106", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159106);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/15\");\n\n script_cve_id(\n \"CVE-2021-4136\",\n \"CVE-2021-4166\",\n \"CVE-2021-4173\",\n \"CVE-2021-4187\",\n \"CVE-2021-4192\",\n \"CVE-2021-4193\",\n \"CVE-2021-22945\",\n \"CVE-2021-22946\",\n \"CVE-2021-22947\",\n \"CVE-2021-36976\",\n \"CVE-2021-46059\",\n \"CVE-2022-0128\",\n \"CVE-2022-0156\",\n \"CVE-2022-0158\",\n \"CVE-2022-22582\",\n \"CVE-2022-22597\",\n \"CVE-2022-22599\",\n \"CVE-2022-22600\",\n \"CVE-2022-22609\",\n \"CVE-2022-22610\",\n \"CVE-2022-22611\",\n \"CVE-2022-22612\",\n \"CVE-2022-22613\",\n \"CVE-2022-22614\",\n \"CVE-2022-22615\",\n \"CVE-2022-22616\",\n \"CVE-2022-22617\",\n \"CVE-2022-22621\",\n \"CVE-2022-22623\",\n \"CVE-2022-22624\",\n \"CVE-2022-22625\",\n \"CVE-2022-22626\",\n \"CVE-2022-22627\",\n \"CVE-2022-22628\",\n \"CVE-2022-22629\",\n \"CVE-2022-22631\",\n \"CVE-2022-22632\",\n \"CVE-2022-22633\",\n \"CVE-2022-22637\",\n \"CVE-2022-22638\",\n \"CVE-2022-22639\",\n \"CVE-2022-22640\",\n \"CVE-2022-22641\",\n \"CVE-2022-22643\",\n \"CVE-2022-22644\",\n \"CVE-2022-22647\",\n \"CVE-2022-22648\",\n \"CVE-2022-22650\",\n \"CVE-2022-22651\",\n \"CVE-2022-22656\",\n \"CVE-2022-22657\",\n \"CVE-2022-22660\",\n \"CVE-2022-22661\",\n \"CVE-2022-22662\",\n \"CVE-2022-22664\",\n \"CVE-2022-22665\",\n \"CVE-2022-22668\",\n \"CVE-2022-22669\"\n );\n script_xref(name:\"APPLE-SA\", value:\"HT213183\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2022-03-14-4\");\n script_xref(name:\"IAVA\", value:\"2022-A-0118-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0442-S\");\n\n script_name(english:\"macOS 12.x < 12.3 (HT213183)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a macOS security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.3 Monterey. It is, therefore,\naffected by multiple vulnerabilities, including the following:\n \n - A use after free issue was addressed with improved memory management. Successful exploitation could \n result in arbitrary code execution with kernel privileges (CVE-2022-22614). \n\n - A logic issue was addressed with improved state management. Successful exploitation could result in\n privilege escalation (CVE-2022-22632).\n\n - A null pointer dereference was addressed with improved validation. Successful exploitation could \n result in a denial of service condition. (CVE-2022-22638).\n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported\nversion number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-gb/HT213183\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to macOS 12.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22665\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-22641\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'macOS Gatekeeper check bypass');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:macos\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_ports(\"Host/MacOSX/Version\", \"Host/local_checks_enabled\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\ninclude('vcf_extras_apple.inc');\n\nvar app_info = vcf::apple::macos::get_app_info();\nvar constraints = [\n {\n 'min_version': '12.0', \n 'fixed_version': '12.3', \n 'fixed_display': 'macOS Monterey 12.3'\n }\n];\n\nvcf::apple::macos::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_HOLE\n);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-16T04:34:46", "description": "The remote host is affected by the vulnerability described in GLSA-202208-32 (Vim, gVim: Multiple Vulnerabilities)\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3770, CVE-2021-3778, CVE-2021-3872, CVE-2021-3875, CVE-2021-3927, CVE-2021-3968, CVE-2021-3973, CVE-2021-3984, CVE-2021-4019, CVE-2021-4136, CVE-2022-0158, CVE-2022-0213)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-3974, CVE-2021-4069, CVE-2021-4173, CVE-2021-4187, CVE-2021-4192, CVE-2022-0156)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4166, CVE-2021-4193, CVE-2022-0128)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. (CVE-2021-46059)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0261, CVE-2022-0359, CVE-2022-0361, CVE-2022-0407, CVE-2022-1886, CVE-2022-1942, CVE-2022-2125, CVE-2022-2182, CVE-2022-2207)\n\n - Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)\n\n - Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-0368, CVE-2022-0393, CVE-2022-1851, CVE-2022-2126, CVE-2022-2183, CVE-2022-2206)\n\n - Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. (CVE-2022-0392)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0408, CVE-2022-0629)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413, CVE-2022-0443, CVE-2022-1898, CVE-2022-1968, CVE-2022-2042)\n\n - Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2. (CVE-2022-0417)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2. (CVE-2022-0554)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418. (CVE-2022-0685)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. (CVE-2022-0714)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. (CVE-2022-0729)\n\n - Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. (CVE-2022-0943)\n\n - Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. (CVE-2022-1154)\n\n - heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647. (CVE-2022-1160)\n\n - global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution (CVE-2022-1381)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774. (CVE-2022-1420)\n\n - Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution (CVE-2022-1616)\n\n - Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899.\n This vulnerabilities are capable of crashing software, modify memory, and possible remote execution (CVE-2022-1619)\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1620)\n\n - Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution (CVE-2022-1621)\n\n - Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution (CVE-2022-1629)\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1674)\n\n - Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.\n (CVE-2022-1720)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. (CVE-2022-1733)\n\n - Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. (CVE-2022-1735)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974. (CVE-2022-1769)\n\n - Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. (CVE-2022-1771)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. (CVE-2022-1785)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2.4979. (CVE-2022-1796)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-1897, CVE-2022-2000, CVE-2022-2129, CVE-2022-2210)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1927, CVE-2022-2124, CVE-2022-2175)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. (CVE-2022-2208)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2. (CVE-2022-2231)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. (CVE-2022-2257, CVE-2022-2286, CVE-2022-2287)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2264, CVE-2022-2284)\n\n - Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 9.0. (CVE-2022-2288)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0. (CVE-2022-2289)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044. (CVE-2022-2343)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. (CVE-2022-2344)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0046. (CVE-2022-2345)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-21T00:00:00", "type": "nessus", "title": "GLSA-202208-32 : Vim, gVim: Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3770", "CVE-2021-3778", "CVE-2021-3796", "CVE-2021-3872", "CVE-2021-3875", "CVE-2021-3927", "CVE-2021-3928", "CVE-2021-3968", "CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069", "CVE-2021-4136", "CVE-2021-4166", "CVE-2021-4173", "CVE-2021-4187", "CVE-2021-4192", "CVE-2021-4193", "CVE-2021-46059", "CVE-2022-0128", "CVE-2022-0156", "CVE-2022-0158", "CVE-2022-0213", "CVE-2022-0261", "CVE-2022-0318", "CVE-2022-0319", "CVE-2022-0351", "CVE-2022-0359", "CVE-2022-0361", "CVE-2022-0368", "CVE-2022-0392", "CVE-2022-0393", "CVE-2022-0407", "CVE-2022-0408", "CVE-2022-0413", "CVE-2022-0417", "CVE-2022-0443", "CVE-2022-0554", "CVE-2022-0629", "CVE-2022-0685", "CVE-2022-0714", "CVE-2022-0729", "CVE-2022-0943", "CVE-2022-1154", "CVE-2022-1160", "CVE-2022-1381", "CVE-2022-1420", "CVE-2022-1616", "CVE-2022-1619", "CVE-2022-1620", "CVE-2022-1621", "CVE-2022-1629", "CVE-2022-1674", "CVE-2022-1720", "CVE-2022-1733", "CVE-2022-1735", "CVE-2022-1769", "CVE-2022-1771", "CVE-2022-1785", "CVE-2022-1796", "CVE-2022-1851", "CVE-2022-1886", "CVE-2022-1897", "CVE-2022-1898", "CVE-2022-1927", "CVE-2022-1942", "CVE-2022-1968", "CVE-2022-2000", "CVE-2022-2042", "CVE-2022-2124", "CVE-2022-2125", "CVE-2022-2126", "CVE-2022-2129", "CVE-2022-2175", "CVE-2022-2182", "CVE-2022-2183", "CVE-2022-2206", "CVE-2022-2207", "CVE-2022-2208", "CVE-2022-2210", "CVE-2022-2231", "CVE-2022-2257", "CVE-2022-2264", "CVE-2022-2284", "CVE-2022-2285", "CVE-2022-2286", "CVE-2022-2287", "CVE-2022-2288", "CVE-2022-2289", "CVE-2022-2304", "CVE-2022-2343", "CVE-2022-2344", "CVE-2022-2345"], "modified": "2022-12-15T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:gvim", "p-cpe:/a:gentoo:linux:vim", "p-cpe:/a:gentoo:linux:vim-core", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202208-32.NASL", "href": "https://www.tenable.com/plugins/nessus/164318", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202208-32.\n#\n# The advisory text is Copyright (C) 2001-2021 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike\n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164318);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/15\");\n\n script_cve_id(\n \"CVE-2021-3770\",\n \"CVE-2021-3778\",\n \"CVE-2021-3796\",\n \"CVE-2021-3872\",\n \"CVE-2021-3875\",\n \"CVE-2021-3927\",\n \"CVE-2021-3928\",\n \"CVE-2021-3968\",\n \"CVE-2021-3973\",\n \"CVE-2021-3974\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4069\",\n \"CVE-2021-4136\",\n \"CVE-2021-4166\",\n \"CVE-2021-4173\",\n \"CVE-2021-4187\",\n \"CVE-2021-4192\",\n \"CVE-2021-4193\",\n \"CVE-2021-46059\",\n \"CVE-2022-0128\",\n \"CVE-2022-0156\",\n \"CVE-2022-0158\",\n \"CVE-2022-0213\",\n \"CVE-2022-0261\",\n \"CVE-2022-0318\",\n \"CVE-2022-0319\",\n \"CVE-2022-0351\",\n \"CVE-2022-0359\",\n \"CVE-2022-0361\",\n \"CVE-2022-0368\",\n \"CVE-2022-0392\",\n \"CVE-2022-0393\",\n \"CVE-2022-0407\",\n \"CVE-2022-0408\",\n \"CVE-2022-0413\",\n \"CVE-2022-0417\",\n \"CVE-2022-0443\",\n \"CVE-2022-0554\",\n \"CVE-2022-0629\",\n \"CVE-2022-0685\",\n \"CVE-2022-0714\",\n \"CVE-2022-0729\",\n \"CVE-2022-0943\",\n \"CVE-2022-1154\",\n \"CVE-2022-1160\",\n \"CVE-2022-1381\",\n \"CVE-2022-1420\",\n \"CVE-2022-1616\",\n \"CVE-2022-1619\",\n \"CVE-2022-1620\",\n \"CVE-2022-1621\",\n \"CVE-2022-1629\",\n \"CVE-2022-1674\",\n \"CVE-2022-1720\",\n \"CVE-2022-1733\",\n \"CVE-2022-1735\",\n \"CVE-2022-1769\",\n \"CVE-2022-1771\",\n \"CVE-2022-1785\",\n \"CVE-2022-1796\",\n \"CVE-2022-1851\",\n \"CVE-2022-1886\",\n \"CVE-2022-1897\",\n \"CVE-2022-1898\",\n \"CVE-2022-1927\",\n \"CVE-2022-1942\",\n \"CVE-2022-1968\",\n \"CVE-2022-2000\",\n \"CVE-2022-2042\",\n \"CVE-2022-2124\",\n \"CVE-2022-2125\",\n \"CVE-2022-2126\",\n \"CVE-2022-2129\",\n \"CVE-2022-2175\",\n \"CVE-2022-2182\",\n \"CVE-2022-2183\",\n \"CVE-2022-2206\",\n \"CVE-2022-2207\",\n \"CVE-2022-2208\",\n \"CVE-2022-2210\",\n \"CVE-2022-2231\",\n \"CVE-2022-2257\",\n \"CVE-2022-2264\",\n \"CVE-2022-2284\",\n \"CVE-2022-2285\",\n \"CVE-2022-2286\",\n \"CVE-2022-2287\",\n \"CVE-2022-2288\",\n \"CVE-2022-2289\",\n \"CVE-2022-2304\",\n \"CVE-2022-2343\",\n \"CVE-2022-2344\",\n \"CVE-2022-2345\"\n );\n script_xref(name:\"IAVB\", value:\"2022-B-0049-S\");\n\n script_name(english:\"GLSA-202208-32 : Vim, gVim: Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is affected by the vulnerability described in GLSA-202208-32 (Vim, gVim: Multiple Vulnerabilities)\n\n - vim is vulnerable to Heap-based Buffer Overflow (CVE-2021-3770, CVE-2021-3778, CVE-2021-3872,\n CVE-2021-3875, CVE-2021-3927, CVE-2021-3968, CVE-2021-3973, CVE-2021-3984, CVE-2021-4019, CVE-2021-4136,\n CVE-2022-0158, CVE-2022-0213)\n\n - vim is vulnerable to Use After Free (CVE-2021-3796, CVE-2021-3974, CVE-2021-4069, CVE-2021-4173,\n CVE-2021-4187, CVE-2021-4192, CVE-2022-0156)\n\n - vim is vulnerable to Use of Uninitialized Variable (CVE-2021-3928)\n\n - vim is vulnerable to Out-of-bounds Read (CVE-2021-4166, CVE-2021-4193, CVE-2022-0128)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by\n its CNA. Further investigation showed that it was not a security issue. Notes: none. (CVE-2021-46059)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0261, CVE-2022-0359,\n CVE-2022-0361, CVE-2022-0407, CVE-2022-1886, CVE-2022-1942, CVE-2022-2125, CVE-2022-2182, CVE-2022-2207)\n\n - Heap-based Buffer Overflow in vim/vim prior to 8.2. (CVE-2022-0318)\n\n - Out-of-bounds Read in vim/vim prior to 8.2. (CVE-2022-0319)\n\n - Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.\n (CVE-2022-0351)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. (CVE-2022-0368, CVE-2022-0393,\n CVE-2022-1851, CVE-2022-2126, CVE-2022-2183, CVE-2022-2206)\n\n - Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. (CVE-2022-0392)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. (CVE-2022-0408, CVE-2022-0629)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2. (CVE-2022-0413, CVE-2022-0443, CVE-2022-1898,\n CVE-2022-1968, CVE-2022-2042)\n\n - Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2. (CVE-2022-0417)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2. (CVE-2022-0554)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418. (CVE-2022-0685)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436. (CVE-2022-0714)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. (CVE-2022-0729)\n\n - Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. (CVE-2022-0943)\n\n - Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. (CVE-2022-1154)\n\n - heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647. (CVE-2022-1160)\n\n - global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This\n vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible\n remote execution (CVE-2022-1381)\n\n - Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774. (CVE-2022-1420)\n\n - Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is\n capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution\n (CVE-2022-1616)\n\n - Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899.\n This vulnerabilities are capable of crashing software, modify memory, and possible remote execution\n (CVE-2022-1619)\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim\n prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows\n attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1620)\n\n - Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This\n vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible\n remote execution (CVE-2022-1621)\n\n - Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This\n vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution\n (CVE-2022-1629)\n\n - NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim\n prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows\n attackers to cause a denial of service (application crash) via a crafted input. (CVE-2022-1674)\n\n - Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This\n vulnerability is capable of crashing the software, memory modification, and possible remote execution.\n (CVE-2022-1720)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. (CVE-2022-1733)\n\n - Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. (CVE-2022-1735)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974. (CVE-2022-1769)\n\n - Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. (CVE-2022-1771)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. (CVE-2022-1785)\n\n - Use After Free in GitHub repository vim/vim prior to 8.2.4979. (CVE-2022-1796)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. (CVE-2022-1897, CVE-2022-2000,\n CVE-2022-2129, CVE-2022-2210)\n\n - Buffer Over-read in GitHub repository vim/vim prior to 8.2. (CVE-2022-1927, CVE-2022-2124, CVE-2022-2175)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. (CVE-2022-2208)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2. (CVE-2022-2231)\n\n - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. (CVE-2022-2257, CVE-2022-2286,\n CVE-2022-2287)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2264, CVE-2022-2284)\n\n - Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. (CVE-2022-2285)\n\n - Out-of-bounds Write in GitHub repository vim/vim prior to 9.0. (CVE-2022-2288)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0. (CVE-2022-2289)\n\n - Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. (CVE-2022-2304)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044. (CVE-2022-2343)\n\n - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. (CVE-2022-2344)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0046. (CVE-2022-2345)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.gentoo.org/glsa/202208-32\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=811870\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=818562\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=819528\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=823473\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=824930\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=828583\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=829658\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=830106\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=830994\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=833572\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=836432\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=851231\");\n script_set_attribute(attribute:\"solution\", value:\n\"All Vim users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=app-editors/vim-9.0.0060\n \nAll gVim users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=app-editors/gvim-9.0.0060\n \nAll vim-core users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=app-editors/vim-core-9.0.0060\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3973\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-2210\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:gvim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:vim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:vim-core\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar flag = 0;\n\nvar packages = [\n {\n 'name' : \"app-editors/gvim\",\n 'unaffected' : make_list(\"ge 9.0.0060\"),\n 'vulnerable' : make_list(\"lt 9.0.0060\")\n },\n {\n 'name' : \"app-editors/vim\",\n 'unaffected' : make_list(\"ge 9.0.0060\"),\n 'vulnerable' : make_list(\"lt 9.0.0060\")\n },\n {\n 'name' : \"app-editors/vim-core\",\n 'unaffected' : make_list(\"ge 9.0.0060\"),\n 'vulnerable' : make_list(\"lt 9.0.0060\")\n }\n];\n\nforeach package( packages ) {\n if (isnull(package['unaffected'])) package['unaffected'] = make_list();\n if (isnull(package['vulnerable'])) package['vulnerable'] = make_list();\n if (qpkg_check(package: package['name'] , unaffected: package['unaffected'], vulnerable: package['vulnerable'])) flag++;\n}\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : qpkg_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Vim / gVim\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-10T19:24:04", "description": "The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.4 Monterey. It is, therefore, affected by multiple vulnerabilities :\n\n - Exploitation of this vulnerability may lead to memory corruption issue. (CVE-2018-25032)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser. (CVE-2021-44790)\n\n - Exploitation of this vulnerability may lead to arbitrary code execution. (CVE-2021-45444)\n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-20T00:00:00", "type": "nessus", "title": "macOS 12.x < 12.4 (HT213257)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-25032", "CVE-2021-44224", "CVE-2021-44790", "CVE-2021-45444", "CVE-2022-0530", "CVE-2022-0778", "CVE-2022-22677", "CVE-2022-22719", "CVE-2022-22720", "CVE-2022-22721", "CVE-2022-23308", "CVE-2022-26693", "CVE-2022-26694", "CVE-2022-26697", "CVE-2022-26698", "CVE-2022-26700", "CVE-2022-26701", "CVE-2022-26704", "CVE-2022-26706", "CVE-2022-26708", "CVE-2022-26709", "CVE-2022-26710", "CVE-2022-26711", "CVE-2022-26712", "CVE-2022-26714", "CVE-2022-26715", "CVE-2022-26716", "CVE-2022-26717", "CVE-2022-26718", "CVE-2022-26719", "CVE-2022-26720", "CVE-2022-26721", "CVE-2022-26722", "CVE-2022-26723", "CVE-2022-26725", "CVE-2022-26726", "CVE-2022-26727", "CVE-2022-26728", "CVE-2022-26731", "CVE-2022-26736", "CVE-2022-26737", "CVE-2022-26738", "CVE-2022-26739", "CVE-2022-26740", "CVE-2022-26741", "CVE-2022-26742", "CVE-2022-26743", "CVE-2022-26745", "CVE-2022-26746", "CVE-2022-26748", "CVE-2022-26749", "CVE-2022-26750", "CVE-2022-26751", "CVE-2022-26752", "CVE-2022-26753", "CVE-2022-26754", "CVE-2022-26755", "CVE-2022-26756", "CVE-2022-26757", "CVE-2022-26761", "CVE-2022-26762", "CVE-2022-26763", "CVE-2022-26764", "CVE-2022-26765", "CVE-2022-26766", "CVE-2022-26767", "CVE-2022-26768", "CVE-2022-26769", "CVE-2022-26770", "CVE-2022-26772", "CVE-2022-26775", "CVE-2022-26776"], "modified": "2022-12-15T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x", "cpe:/o:apple:macos"], "id": "MACOS_HT213257.NASL", "href": "https://www.tenable.com/plugins/nessus/161410", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161410);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/15\");\n\n script_cve_id(\n \"CVE-2018-25032\",\n \"CVE-2021-44224\",\n \"CVE-2021-44790\",\n \"CVE-2021-45444\",\n \"CVE-2022-0530\",\n \"CVE-2022-0778\",\n \"CVE-2022-22677\",\n \"CVE-2022-22719\",\n \"CVE-2022-22720\",\n \"CVE-2022-22721\",\n \"CVE-2022-23308\",\n \"CVE-2022-26693\",\n \"CVE-2022-26694\",\n \"CVE-2022-26697\",\n \"CVE-2022-26698\",\n \"CVE-2022-26700\",\n \"CVE-2022-26701\",\n \"CVE-2022-26704\",\n \"CVE-2022-26706\",\n \"CVE-2022-26708\",\n \"CVE-2022-26709\",\n \"CVE-2022-26710\",\n \"CVE-2022-26711\",\n \"CVE-2022-26712\",\n \"CVE-2022-26714\",\n \"CVE-2022-26715\",\n \"CVE-2022-26716\",\n \"CVE-2022-26717\",\n \"CVE-2022-26718\",\n \"CVE-2022-26719\",\n \"CVE-2022-26720\",\n \"CVE-2022-26721\",\n \"CVE-2022-26722\",\n \"CVE-2022-26723\",\n \"CVE-2022-26725\",\n \"CVE-2022-26726\",\n \"CVE-2022-26727\",\n \"CVE-2022-26728\",\n \"CVE-2022-26731\",\n \"CVE-2022-26736\",\n \"CVE-2022-26737\",\n \"CVE-2022-26738\",\n \"CVE-2022-26739\",\n \"CVE-2022-26740\",\n \"CVE-2022-26741\",\n \"CVE-2022-26742\",\n \"CVE-2022-26743\",\n \"CVE-2022-26745\",\n \"CVE-2022-26746\",\n \"CVE-2022-26748\",\n \"CVE-2022-26749\",\n \"CVE-2022-26750\",\n \"CVE-2022-26751\",\n \"CVE-2022-26752\",\n \"CVE-2022-26753\",\n \"CVE-2022-26754\",\n \"CVE-2022-26755\",\n \"CVE-2022-26756\",\n \"CVE-2022-26757\",\n \"CVE-2022-26761\",\n \"CVE-2022-26762\",\n \"CVE-2022-26763\",\n \"CVE-2022-26764\",\n \"CVE-2022-26765\",\n \"CVE-2022-26766\",\n \"CVE-2022-26767\",\n \"CVE-2022-26768\",\n \"CVE-2022-26769\",\n \"CVE-2022-26770\",\n \"CVE-2022-26772\",\n \"CVE-2022-26775\",\n \"CVE-2022-26776\"\n );\n script_xref(name:\"APPLE-SA\", value:\"HT213257\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2022-05-16-2\");\n script_xref(name:\"IAVA\", value:\"2022-A-0212-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0442-S\");\n\n script_name(english:\"macOS 12.x < 12.4 (HT213257)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a macOS or Mac OS X security update or supplemental update that fixes multiple\nvulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.4 Monterey. It is, therefore, \naffected by multiple vulnerabilities :\n\n - Exploitation of this vulnerability may lead to memory corruption issue. (CVE-2018-25032)\n\n - A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser. (CVE-2021-44790)\n\n - Exploitation of this vulnerability may lead to arbitrary code execution. (CVE-2021-45444)\n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported\nversion number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-gb/HT213257\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to macOS 12.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-26772\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-26776\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:macos\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_ports(\"Host/MacOSX/Version\", \"Host/local_checks_enabled\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\ninclude('vcf_extras_apple.inc');\n\nvar app_info = vcf::apple::macos::get_app_info();\nvar constraints = [\n {\n 'min_version': '12.0', \n 'fixed_version': '12.4', \n 'fixed_display': 'macOS Monterey 12.4'\n }\n];\n\nvcf::apple::macos::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_HOLE\n);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-14T16:52:00", "description": "It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-155 advisory.\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0360. (CVE-2022-3099)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0389. (CVE-2022-3134)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404. (CVE-2022-3153)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-20T00:00:00", "type": "nessus", "title": "Amazon Linux 2022 : (ALAS2022-2022-155)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3770", "CVE-2021-3903", "CVE-2021-3927", "CVE-2021-3928", "CVE-2021-3968", "CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069", "CVE-2021-4136", "CVE-2021-4166", "CVE-2021-4173", "CVE-2021-4187", "CVE-2021-4192", "CVE-2021-4193", "CVE-2022-0128", "CVE-2022-0156", "CVE-2022-0158", "CVE-2022-0213", "CVE-2022-0261", "CVE-2022-0318", "CVE-2022-0319", "CVE-2022-0351", "CVE-2022-0359", "CVE-2022-0361", "CVE-2022-0368", "CVE-2022-0392", "CVE-2022-0393", "CVE-2022-0407", "CVE-2022-0408", "CVE-2022-0413", "CVE-2022-0417", "CVE-2022-0443", "CVE-2022-0554", "CVE-2022-0572", "CVE-2022-0629", "CVE-2022-0685", "CVE-2022-0696", "CVE-2022-0714", "CVE-2022-0729", "CVE-2022-0943", "CVE-2022-1154", "CVE-2022-1160", "CVE-2022-1381", "CVE-2022-1420", "CVE-2022-1616", "CVE-2022-1619", "CVE-2022-1620", "CVE-2022-1621", "CVE-2022-1629", "CVE-2022-1674", "CVE-2022-1720", "CVE-2022-1725", "CVE-2022-1733", "CVE-2022-1735", "CVE-2022-1769", "CVE-2022-1771", "CVE-2022-1785", "CVE-2022-1796", "CVE-2022-1851", "CVE-2022-1886", "CVE-2022-1897", "CVE-2022-1898", "CVE-2022-1927", "CVE-2022-1942", "CVE-2022-1968", "CVE-2022-2000", "CVE-2022-2042", "CVE-2022-2124", "CVE-2022-2125", "CVE-2022-2126", "CVE-2022-2129", "CVE-2022-2175", "CVE-2022-2182", "CVE-2022-2183", "CVE-2022-2206", "CVE-2022-2207", "CVE-2022-2208", "CVE-2022-2210", "CVE-2022-2231", "CVE-2022-2257", "CVE-2022-2264", "CVE-2022-2284", "CVE-2022-2285", "CVE-2022-2286", "CVE-2022-2287", "CVE-2022-2288", "CVE-2022-2289", "CVE-2022-2304", "CVE-2022-2343", "CVE-2022-2344", "CVE-2022-2345", "CVE-2022-2522", "CVE-2022-2571", "CVE-2022-2580", "CVE-2022-2581", "CVE-2022-2598", "CVE-2022-2816", "CVE-2022-2817", "CVE-2022-2819", "CVE-2022-2845", "CVE-2022-2849", "CVE-2022-2862", "CVE-2022-2874", "CVE-2022-2889", "CVE-2022-2923", "CVE-2022-2946", "CVE-2022-2980", "CVE-2022-2982", "CVE-2022-3016", "CVE-2022-3037", "CVE-2022-3099", "CVE-2022-3134", "CVE-2022-3153"], "modified": "2022-12-15T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:vim-common", "p-cpe:/a:amazon:linux:vim-common-debuginfo", "p-cpe:/a:amazon:linux:vim-data", "p-cpe:/a:amazon:linux:vim-debuginfo", "p-cpe:/a:amazon:linux:vim-debugsource", "p-cpe:/a:amazon:linux:vim-default-editor", "p-cpe:/a:amazon:linux:vim-enhanced", "p-cpe:/a:amazon:linux:vim-enhanced-debuginfo", "p-cpe:/a:amazon:linux:vim-filesystem", "p-cpe:/a:amazon:linux:vim-minimal", "p-cpe:/a:amazon:linux:vim-minimal-debuginfo", "cpe:/o:amazon:linux:2022"], "id": "AL2022_ALAS2022-2022-155.NASL", "href": "https://www.tenable.com/plugins/nessus/166352", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2022 Security Advisory ALAS2022-2022-155.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166352);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/15\");\n\n script_cve_id(\n \"CVE-2021-3770\",\n \"CVE-2021-3903\",\n \"CVE-2021-3927\",\n \"CVE-2021-3928\",\n \"CVE-2021-3968\",\n \"CVE-2021-3973\",\n \"CVE-2021-3974\",\n \"CVE-2021-3984\",\n \"CVE-2021-4019\",\n \"CVE-2021-4069\",\n \"CVE-2021-4136\",\n \"CVE-2021-4166\",\n \"CVE-2021-4173\",\n \"CVE-2021-4187\",\n \"CVE-2021-4192\",\n \"CVE-2021-4193\",\n \"CVE-2022-0128\",\n \"CVE-2022-0156\",\n \"CVE-2022-0158\",\n \"CVE-2022-0213\",\n \"CVE-2022-0261\",\n \"CVE-2022-0318\",\n \"CVE-2022-0319\",\n \"CVE-2022-0351\",\n \"CVE-2022-0359\",\n \"CVE-2022-0361\",\n \"CVE-2022-0368\",\n \"CVE-2022-0392\",\n \"CVE-2022-0393\",\n \"CVE-2022-0407\",\n \"CVE-2022-0408\",\n \"CVE-2022-0413\",\n \"CVE-2022-0417\",\n \"CVE-2022-0443\",\n \"CVE-2022-0554\",\n \"CVE-2022-0572\",\n \"CVE-2022-0629\",\n \"CVE-2022-0685\",\n \"CVE-2022-0696\",\n \"CVE-2022-0714\",\n \"CVE-2022-0729\",\n \"CVE-2022-0943\",\n \"CVE-2022-1154\",\n \"CVE-2022-1160\",\n \"CVE-2022-1381\",\n \"CVE-2022-1420\",\n \"CVE-2022-1616\",\n \"CVE-2022-1619\",\n \"CVE-2022-1620\",\n \"CVE-2022-1621\",\n \"CVE-2022-1629\",\n \"CVE-2022-1674\",\n \"CVE-2022-1720\",\n \"CVE-2022-1725\",\n \"CVE-2022-1733\",\n \"CVE-2022-1735\",\n \"CVE-2022-1769\",\n \"CVE-2022-1771\",\n \"CVE-2022-1785\",\n \"CVE-2022-1796\",\n \"CVE-2022-1851\",\n \"CVE-2022-1886\",\n \"CVE-2022-1897\",\n \"CVE-2022-1898\",\n \"CVE-2022-1927\",\n \"CVE-2022-1942\",\n \"CVE-2022-1968\",\n \"CVE-2022-2000\",\n \"CVE-2022-2042\",\n \"CVE-2022-2124\",\n \"CVE-2022-2125\",\n \"CVE-2022-2126\",\n \"CVE-2022-2129\",\n \"CVE-2022-2175\",\n \"CVE-2022-2182\",\n \"CVE-2022-2183\",\n \"CVE-2022-2206\",\n \"CVE-2022-2207\",\n \"CVE-2022-2208\",\n \"CVE-2022-2210\",\n \"CVE-2022-2231\",\n \"CVE-2022-2257\",\n \"CVE-2022-2264\",\n \"CVE-2022-2284\",\n \"CVE-2022-2285\",\n \"CVE-2022-2286\",\n \"CVE-2022-2287\",\n \"CVE-2022-2288\",\n \"CVE-2022-2289\",\n \"CVE-2022-2304\",\n \"CVE-2022-2343\",\n \"CVE-2022-2344\",\n \"CVE-2022-2345\",\n \"CVE-2022-2522\",\n \"CVE-2022-2571\",\n \"CVE-2022-2580\",\n \"CVE-2022-2581\",\n \"CVE-2022-2598\",\n \"CVE-2022-2816\",\n \"CVE-2022-2817\",\n \"CVE-2022-2819\",\n \"CVE-2022-2845\",\n \"CVE-2022-2849\",\n \"CVE-2022-2862\",\n \"CVE-2022-2874\",\n \"CVE-2022-2889\",\n \"CVE-2022-2923\",\n \"CVE-2022-2946\",\n \"CVE-2022-2980\",\n \"CVE-2022-2982\",\n \"CVE-2022-3016\",\n \"CVE-2022-3037\",\n \"CVE-2022-3099\",\n \"CVE-2022-3134\",\n \"CVE-2022-3153\"\n );\n script_xref(name:\"IAVB\", value:\"2022-B-0049-S\");\n\n script_name(english:\"Amazon Linux 2022 : (ALAS2022-2022-155)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2022 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-155 advisory.\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0360. (CVE-2022-3099)\n\n - Use After Free in GitHub repository vim/vim prior to 9.0.0389. (CVE-2022-3134)\n\n - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404. (CVE-2022-3153)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2022/ALAS-2022-155.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3099.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3134.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3153.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'dnf update vim --releasever=2022.0.20221019' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3973\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0318\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-common-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-default-editor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-enhanced\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-enhanced-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:vim-minimal-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2022\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"-2022\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2022\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'vim-common-9.0.475-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-9.0.475-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-9.0.475-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-debuginfo-9.0.475-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-debuginfo-9.0.475-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-common-debuginfo-9.0.475-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-data-9.0.475-1.amzn2022.0.1', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debuginfo-9.0.475-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debuginfo-9.0.475-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debuginfo-9.0.475-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debugsource-9.0.475-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debugsource-9.0.475-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-debugsource-9.0.475-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-default-editor-9.0.475-1.amzn2022.0.1', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-9.0.475-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-9.0.475-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-9.0.475-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-debuginfo-9.0.475-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-debuginfo-9.0.475-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-enhanced-debuginfo-9.0.475-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-filesystem-9.0.475-1.amzn2022.0.1', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-9.0.475-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-9.0.475-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-9.0.475-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-debuginfo-9.0.475-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-debuginfo-9.0.475-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vim-minimal-debuginfo-9.0.475-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"vim-common / vim-common-debuginfo / vim-data / etc\");\n}", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "apple": [{"lastseen": "2022-10-04T21:58:45", "description": "# About the security content of Security Update 2022-005 Catalina\n\nThis document describes the security content of Security Update 2022-005 Catalina.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Security Update 2022-005 Catalina\n\nReleased July 20, 2022\n\n**APFS**\n\nAvailable for: macOS Catalina\n\nImpact: An app with root privileges may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32832: Tommy Muir (@Muirey03)\n\n**AppleMobileFileIntegrity**\n\nAvailable for: macOS Catalina\n\nImpact: An app may be able to gain root privileges\n\nDescription: An authorization issue was addressed with improved state management.\n\nCVE-2022-32826: Mickey Jin (@patch1t) of Trend Micro\n\n**AppleScript**\n\nAvailable for: macOS Catalina\n\nImpact: Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32797: Mickey Jin (@patch1t), Ye Zhang (@co0py_Cat) of Baidu Security, Mickey Jin (@patch1t) of Trend Micro\n\n**AppleScript**\n\nAvailable for: macOS Catalina\n\nImpact: Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory\n\nDescription: An out-of-bounds read issue was addressed with improved input validation.\n\nCVE-2022-32853: Ye Zhang(@co0py_Cat) of Baidu Security\n\nCVE-2022-32851: Ye Zhang (@co0py_Cat) of Baidu Security\n\n**AppleScript**\n\nAvailable for: macOS Catalina\n\nImpact: Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2022-32831: Ye Zhang (@co0py_Cat) of Baidu Security\n\n**Archive Utility**\n\nAvailable for: macOS Catalina\n\nImpact: An archive may be able to bypass Gatekeeper\n\nDescription: A logic issue was addressed with improved checks.\n\nCVE-2022-32910: Ferdous Saljooki (@malwarezoo) of Jamf Software\n\nEntry added October 4, 2022\n\n**Audio**\n\nAvailable for: macOS Catalina\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds write issue was addressed with improved input validation.\n\nCVE-2022-32820: an anonymous researcher\n\n**Calendar**\n\nAvailable for: macOS Catalina\n\nImpact: An app may be able to access sensitive user information\n\nDescription: The issue was addressed with improved handling of caches.\n\nCVE-2022-32805: Csaba Fitzl (@theevilbit) of Offensive Security\n\n**Calendar**\n\nAvailable for: macOS Catalina\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: An information disclosure issue was addressed by removing the vulnerable code.\n\nCVE-2022-32849: Joshua Jones\n\n**CoreText**\n\nAvailable for: macOS Catalina\n\nImpact: A remote user may cause an unexpected app termination or arbitrary code execution\n\nDescription: The issue was addressed with improved bounds checks.\n\nCVE-2022-32839: STAR Labs (@starlabs_sg)\n\n**FaceTime**\n\nAvailable for: macOS Catalina\n\nImpact: An app with root privileges may be able to access private information\n\nDescription: This issue was addressed by enabling hardened runtime.\n\nCVE-2022-32781: Wojciech Regu\u0142a (@_r3ggi) of SecuRing\n\n**File System Events**\n\nAvailable for: macOS Catalina\n\nImpact: An app may be able to gain root privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32819: Joshua Mason of Mandiant\n\n**ICU**\n\nAvailable for: macOS Catalina\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-32787: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ.\n\n**ImageIO**\n\nAvailable for: macOS Catalina\n\nImpact: Processing an image may lead to a denial-of-service\n\nDescription: A null pointer dereference was addressed with improved validation.\n\nCVE-2022-32785: Yi\u011fit Can YILMAZ (@yilmazcanyigit)\n\n**Intel Graphics Driver**\n\nAvailable for: macOS Catalina\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32812: Yinyi Wu (@3ndy1), ABC Research s.r.o.\n\n**Intel Graphics Driver**\n\nAvailable for: macOS Catalina\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption vulnerability was addressed with improved locking.\n\nCVE-2022-32811: ABC Research s.r.o\n\n**Kernel**\n\nAvailable for: macOS Catalina\n\nImpact: An app with root privileges may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32815: Xinru Chi of Pangu Lab\n\nCVE-2022-32813: Xinru Chi of Pangu Lab\n\n**libxml2**\n\nAvailable for: macOS Catalina\n\nImpact: An app may be able to leak sensitive user information\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2022-32823\n\n**PackageKit**\n\nAvailable for: macOS Catalina\n\nImpact: An app may be able to modify protected parts of the file system\n\nDescription: An issue in the handling of environment variables was addressed with improved validation.\n\nCVE-2022-32786: Mickey Jin (@patch1t)\n\n**PackageKit**\n\nAvailable for: macOS Catalina\n\nImpact: An app may be able to modify protected parts of the file system\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32800: Mickey Jin (@patch1t)\n\n**PluginKit**\n\nAvailable for: macOS Catalina\n\nImpact: An app may be able to read arbitrary files\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32838: Mickey Jin (@patch1t) of Trend Micro\n\n**PS Normalizer**\n\nAvailable for: macOS Catalina\n\nImpact: Processing a maliciously crafted Postscript file may result in unexpected app termination or disclosure of process memory\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-32843: Kai Lu of Zscaler's ThreatLabz\n\n**SMB**\n\nAvailable for: macOS Catalina\n\nImpact: An app may be able to gain elevated privileges\n\nDescription: An out-of-bounds read issue was addressed with improved input validation.\n\nCVE-2022-32842: Sreejith Krishnan R (@skr0x1c0)\n\n**SMB**\n\nAvailable for: macOS Catalina\n\nImpact: A user in a privileged network position may be able to leak sensitive information\n\nDescription: An out-of-bounds read issue was addressed with improved bounds checking.\n\nCVE-2022-32799: Sreejith Krishnan R (@skr0x1c0)\n\n**Software Update**\n\nAvailable for: macOS Catalina\n\nImpact: A user in a privileged network position can track a user\u2019s activity\n\nDescription: This issue was addressed by using HTTPS when sending information over the network.\n\nCVE-2022-32857: Jeffrey Paul (sneak.berlin)\n\n**Spindump**\n\nAvailable for: macOS Catalina\n\nImpact: An app may be able to overwrite arbitrary files\n\nDescription: This issue was addressed with improved file handling.\n\nCVE-2022-32807: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab\n\n**Spotlight**\n\nAvailable for: macOS Catalina\n\nImpact: An app may be able to gain elevated privileges\n\nDescription: A validation issue in the handling of symlinks was addressed with improved validation of symlinks.\n\nCVE-2022-26704: Joshua Mason of Mandiant\n\n**TCC**\n\nAvailable for: macOS Catalina\n\nImpact: An app may be able to access sensitive user information\n\nDescription: An access issue was addressed with improvements to the sandbox.\n\nCVE-2022-32834: Xuxiang Yang (@another1024) of Tencent Security Xuanwu Lab (xlab.tencent.com), Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com), Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)\n\nEntry updated September 16, 2022\n\n**Vim**\n\nAvailable for: macOS Catalina\n\nImpact: Multiple issues in Vim\n\nDescription: Multiple issues were addressed by updating Vim.\n\nCVE-2021-4136\n\nCVE-2021-4166\n\nCVE-2021-4173\n\nCVE-2021-4187\n\nCVE-2021-4192\n\nCVE-2021-4193\n\nCVE-2021-46059\n\nCVE-2022-0128\n\n**Wi-Fi**\n\nAvailable for: macOS Catalina\n\nImpact: An app may be able to cause unexpected system termination or write kernel memory\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32837: Wang Yu of Cyberserval\n\nEntry added September 16, 2022\n\n**Wi-Fi**\n\nAvailable for: macOS Catalina\n\nImpact: A remote user may be able to cause unexpected system termination or corrupt kernel memory\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32847: Wang Yu of Cyberserval\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: October 04, 2022\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-07-20T00:00:00", "type": "apple", "title": "About the security content of Security Update 2022-005 Catalina", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4136", "CVE-2021-4166", "CVE-2021-4173", "CVE-2021-4187", "CVE-2021-4192", "CVE-2021-4193", "CVE-2021-46059", "CVE-2022-0128", "CVE-2022-26704", "CVE-2022-32781", "CVE-2022-32785", "CVE-2022-32786", "CVE-2022-32787", "CVE-2022-32797", "CVE-2022-32799", "CVE-2022-32800", "CVE-2022-32805", "CVE-2022-32807", "CVE-2022-32811", "CVE-2022-32812", "CVE-2022-32813", "CVE-2022-32815", "CVE-2022-32819", "CVE-2022-32820", "CVE-2022-32823", "CVE-2022-32826", "CVE-2022-32831", "CVE-2022-32832", "CVE-2022-32834", "CVE-2022-32837", "CVE-2022-32838", "CVE-2022-32839", "CVE-2022-32842", "CVE-2022-32843", "CVE-2022-32847", "CVE-2022-32849", "CVE-2022-32851", "CVE-2022-32853", "CVE-2022-32857", "CVE-2022-32910"], "modified": "2022-07-20T00:00:00", "id": "APPLE:315A0A489FE54A17BA14F0B62D49D716", "href": "https://support.apple.com/kb/HT213343", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-11-18T14:56:45", "description": "# About the security content of macOS Monterey 12.5\n\nThis document describes the security content of macOS Monterey 12.5.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## macOS Monterey 12.5\n\nReleased July 20, 2022\n\n**APFS**\n\nAvailable for: macOS Monterey\n\nImpact: An app with root privileges may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32832: Tommy Muir (@Muirey03)\n\n**AppleAVD**\n\nAvailable for: macOS Monterey\n\nImpact: A remote user may be able to cause kernel code execution\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2022-32788: Natalie Silvanovich of Google Project Zero\n\nEntry added September 16, 2022\n\n**AppleMobileFileIntegrity**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: This issue was addressed by enabling hardened runtime.\n\nCVE-2022-32880: Wojciech Regu\u0142a (@_r3ggi) of SecuRing, Mickey Jin (@patch1t) of Trend Micro, Csaba Fitzl (@theevilbit) of Offensive Security\n\nEntry added September 16, 2022\n\n**AppleMobileFileIntegrity**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to gain root privileges\n\nDescription: An authorization issue was addressed with improved state management.\n\nCVE-2022-32826: Mickey Jin (@patch1t) of Trend Micro\n\n**Apple Neural Engine**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: An integer overflow was addressed with improved input validation.\n\nCVE-2022-42805: Mohamed Ghannam (@_simo36)\n\nEntry added November 9, 2022\n\n**Apple Neural Engine**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2022-32948: Mohamed Ghannam (@_simo36)\n\nEntry added November 9, 2022\n\n**Apple Neural Engine**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32810: Mohamed Ghannam (@_simo36)\n\n**Apple Neural Engine**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32840: Mohamed Ghannam (@_simo36)\n\n**Apple Neural Engine**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2022-32845: Mohamed Ghannam (@_simo36)\n\nEntry updated November 9, 2022\n\n**AppleScript**\n\nAvailable for: macOS Monterey\n\nImpact: Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32797: Mickey Jin (@patch1t), Ye Zhang (@co0py_Cat) of Baidu Security, Mickey Jin (@patch1t) of Trend Micro\n\n**AppleScript**\n\nAvailable for: macOS Monterey\n\nImpact: Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory\n\nDescription: An out-of-bounds read issue was addressed with improved input validation.\n\nCVE-2022-32851: Ye Zhang (@co0py_Cat) of Baidu Security\n\nCVE-2022-32852: Ye Zhang (@co0py_Cat) of Baidu Security\n\nCVE-2022-32853: Ye Zhang (@co0py_Cat) of Baidu Security\n\n**AppleScript**\n\nAvailable for: macOS Monterey\n\nImpact: Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory\n\nDescription: An out-of-bounds read issue was addressed with improved bounds checking.\n\nCVE-2022-32831: Ye Zhang (@co0py_Cat) of Baidu Security\n\n**Archive Utility**\n\nAvailable for: macOS Monterey\n\nImpact: An archive may be able to bypass Gatekeeper\n\nDescription: A logic issue was addressed with improved checks.\n\nCVE-2022-32910: Ferdous Saljooki (@malwarezoo) of Jamf Software\n\nEntry added October 4, 2022\n\n**Audio**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds write issue was addressed with improved input validation.\n\nCVE-2022-32820: an anonymous researcher\n\n**Audio**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32825: John Aakerblom (@jaakerblom)\n\n**Automation**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to bypass Privacy preferences\n\nDescription: A logic issue was addressed with improved checks.\n\nCVE-2022-32789: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab\n\n**Calendar**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to access sensitive user information\n\nDescription: The issue was addressed with improved handling of caches.\n\nCVE-2022-32805: Csaba Fitzl (@theevilbit) of Offensive Security\n\n**CoreMedia**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32828: Antonio Zekic (@antoniozekic) and John Aakerblom (@jaakerblom)\n\n**CoreText**\n\nAvailable for: macOS Monterey\n\nImpact: A remote user may cause an unexpected app termination or arbitrary code execution\n\nDescription: The issue was addressed with improved bounds checks.\n\nCVE-2022-32839: STAR Labs (@starlabs_sg)\n\n**File System Events**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to gain root privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32819: Joshua Mason of Mandiant\n\n**GPU Drivers**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: Multiple out-of-bounds write issues were addressed with improved bounds checking.\n\nCVE-2022-32793: an anonymous researcher\n\n**GPU Drivers**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2022-32821: John Aakerblom (@jaakerblom)\n\n**iCloud Photo Library**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to access sensitive user information\n\nDescription: An information disclosure issue was addressed by removing the vulnerable code.\n\nCVE-2022-32849: Joshua Jones\n\n**ICU**\n\nAvailable for: macOS Monterey\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-32787: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ.\n\n**ImageIO**\n\nAvailable for: macOS Monterey\n\nImpact: Processing a maliciously crafted file may lead to arbitrary code execution\n\nDescription: A logic issue was addressed with improved checks.\n\nCVE-2022-32802: Ivan Fratric of Google Project Zero, Mickey Jin (@patch1t)\n\nEntry added September 16, 2022\n\n**ImageIO**\n\nAvailable for: macOS Monterey\n\nImpact: Processing a maliciously crafted image may result in disclosure of process memory\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32841: hjy79425575\n\n**ImageIO**\n\nAvailable for: macOS Monterey\n\nImpact: Processing an image may lead to a denial-of-service\n\nDescription: A null pointer dereference was addressed with improved validation.\n\nCVE-2022-32785: Yi\u011fit Can YILMAZ (@yilmazcanyigit)\n\n**Intel Graphics Driver**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption vulnerability was addressed with improved locking.\n\nCVE-2022-32811: ABC Research s.r.o\n\n**Intel Graphics Driver**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32812: Yinyi Wu (@3ndy1), ABC Research s.r.o.\n\n**Kernel**\n\nAvailable for: macOS Monterey\n\nImpact: An app with root privileges may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32813: Xinru Chi of Pangu Lab\n\nCVE-2022-32815: Xinru Chi of Pangu Lab\n\n**Kernel**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: An out-of-bounds read issue was addressed with improved bounds checking.\n\nCVE-2022-32817: Xinru Chi of Pangu Lab\n\n**Kernel**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32829: Tingting Yin of Tsinghua University, and Min Zheng of Ant Group\n\nEntry updated September 16, 2022\n\n**Liblouis**\n\nAvailable for: macOS Monterey\n\nImpact: An app may cause unexpected app termination or arbitrary code execution\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-26981: Hexhive (hexhive.epfl.ch), NCNIPC of China (nipc.org.cn)\n\n**libxml2**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to leak sensitive user information\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2022-32823\n\n**Multi-Touch**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A type confusion issue was addressed with improved checks.\n\nCVE-2022-32814: Pan ZhenPeng (@Peterpan0927)\n\n**Multi-Touch**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A type confusion issue was addressed with improved state handling.\n\nCVE-2022-32814: Pan ZhenPeng (@Peterpan0927)\n\n**PackageKit**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to modify protected parts of the file system\n\nDescription: An issue in the handling of environment variables was addressed with improved validation.\n\nCVE-2022-32786: Mickey Jin (@patch1t)\n\n**PackageKit**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to modify protected parts of the file system\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32800: Mickey Jin (@patch1t)\n\n**PluginKit**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to read arbitrary files\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32838: Mickey Jin (@patch1t) of Trend Micro\n\n**PS Normalizer**\n\nAvailable for: macOS Monterey\n\nImpact: Processing a maliciously crafted Postscript file may result in unexpected app termination or disclosure of process memory\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-32843: Kai Lu of Zscaler's ThreatLabz\n\n**SMB**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2022-32796: Sreejith Krishnan R (@skr0x1c0)\n\n**SMB**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to gain elevated privileges\n\nDescription: An out-of-bounds read issue was addressed with improved input validation.\n\nCVE-2022-32842: Sreejith Krishnan R (@skr0x1c0)\n\n**SMB**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to gain elevated privileges\n\nDescription: An out-of-bounds write issue was addressed with improved input validation.\n\nCVE-2022-32798: Sreejith Krishnan R (@skr0x1c0)\n\n**SMB**\n\nAvailable for: macOS Monterey\n\nImpact: A user in a privileged network position may be able to leak sensitive information\n\nDescription: An out-of-bounds read issue was addressed with improved bounds checking.\n\nCVE-2022-32799: Sreejith Krishnan R (@skr0x1c0)\n\n**SMB**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to leak sensitive kernel state\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32818: Sreejith Krishnan R (@skr0x1c0)\n\n**Software Update**\n\nAvailable for: macOS Monterey\n\nImpact: A user in a privileged network position can track a user\u2019s activity\n\nDescription: This issue was addressed by using HTTPS when sending information over the network.\n\nCVE-2022-32857: Jeffrey Paul (sneak.berlin)\n\n**Spindump**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to overwrite arbitrary files\n\nDescription: This issue was addressed with improved file handling.\n\nCVE-2022-32807: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab\n\n**Spotlight**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to gain root privileges\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32801: Joshua Mason (@josh@jhu.edu)\n\n**subversion**\n\nAvailable for: macOS Monterey\n\nImpact: Multiple issues in subversion\n\nDescription: Multiple issues were addressed by updating subversion.\n\nCVE-2021-28544: Evgeny Kotkov, visualsvn.com\n\nCVE-2022-24070: Evgeny Kotkov, visualsvn.com\n\nCVE-2022-29046: Evgeny Kotkov, visualsvn.com\n\nCVE-2022-29048: Evgeny Kotkov, visualsvn.com\n\n**TCC**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to access sensitive user information\n\nDescription: An access issue was addressed with improvements to the sandbox.\n\nCVE-2022-32834: Xuxiang Yang (@another1024) of Tencent Security Xuanwu Lab (xlab.tencent.com), Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com), Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)\n\nEntry updated September 16, 2022\n\n**WebKit**\n\nAvailable for: macOS Monterey\n\nImpact: A user may be tracked through their IP address\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32861: Matthias Keller (m-keller.com)\n\nEntry added September 16, 2022\n\n**WebKit**\n\nAvailable for: macOS Monterey\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2022-32863: P1umer, afang5472, xmzyshypnc\n\nEntry added September 16, 2022\n\n**WebKit**\n\nAvailable for: macOS Monterey\n\nImpact: Visiting a website that frames malicious content may lead to UI spoofing\n\nDescription: The issue was addressed with improved UI handling.\n\nWebKit Bugzilla: 239316 \nCVE-2022-32816: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ.\n\n**WebKit**\n\nAvailable for: macOS Monterey\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved input validation.\n\nWebKit Bugzilla: 240720 \nCVE-2022-32792: Manfred Paul (@_manfp) working with Trend Micro Zero Day Initiative\n\n**WebRTC**\n\nAvailable for: macOS Monterey\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nWebKit Bugzilla: 242339 \nCVE-2022-2294: Jan Vojtesek of Avast Threat Intelligence team\n\n**Wi-Fi**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds write was addressed with improved input validation.\n\nCVE-2022-32860: Wang Yu of Cyberserval\n\nEntry added November 9, 2022\n\n**Wi-Fi**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to cause unexpected system termination or write kernel memory\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32837: Wang Yu of Cyberserval\n\n**Wi-Fi**\n\nAvailable for: macOS Monterey\n\nImpact: A remote user may be able to cause unexpected system termination or corrupt kernel memory\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32847: Wang Yu of Cyberserval\n\n**Windows Server**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to capture a user\u2019s screen\n\nDescription: A logic issue was addressed with improved checks.\n\nCVE-2022-32848: Jeremy Legendre of MacEnhance\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**802.1X**\n\nWe would like to acknowledge Shin Sun of National Taiwan University for their assistance.\n\n**AppleMobileFileIntegrity**\n\nWe would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security, Mickey Jin (@patch1t) of Trend Micro, and Wojciech Regu\u0142a (@_r3ggi) of SecuRing for their assistance.\n\n**Calendar**\n\n****We would like to acknowledge Joshua Jones for their assistance.\n\n**configd**\n\nWe would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security, Mickey Jin (@patch1t) of Trend Micro, and Wojciech Regu\u0142a (@_r3ggi) of SecuRing for their assistance.\n\n**DiskArbitration**\n\nWe would like to acknowledge Mike Cush for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: November 09, 2022\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-07-20T00:00:00", "type": "apple", "title": "About the security content of macOS Monterey 12.5", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28544", "CVE-2022-2294", "CVE-2022-24070", "CVE-2022-26981", "CVE-2022-29046", "CVE-2022-29048", "CVE-2022-32785", "CVE-2022-32786", "CVE-2022-32787", "CVE-2022-32788", "CVE-2022-32789", "CVE-2022-32792", "CVE-2022-32793", "CVE-2022-32796", "CVE-2022-32797", "CVE-2022-32798", "CVE-2022-32799", "CVE-2022-32800", "CVE-2022-32801", "CVE-2022-32802", "CVE-2022-32805", "CVE-2022-32807", "CVE-2022-32810", "CVE-2022-32811", "CVE-2022-32812", "CVE-2022-32813", "CVE-2022-32814", "CVE-2022-32815", "CVE-2022-32816", "CVE-2022-32817", "CVE-2022-32818", "CVE-2022-32819", "CVE-2022-32820", "CVE-2022-32821", "CVE-2022-32823", "CVE-2022-32825", "CVE-2022-32826", "CVE-2022-32828", "CVE-2022-32829", "CVE-2022-32831", "CVE-2022-32832", "CVE-2022-32834", "CVE-2022-32837", "CVE-2022-32838", "CVE-2022-32839", "CVE-2022-32840", "CVE-2022-32841", "CVE-2022-32842", "CVE-2022-32843", "CVE-2022-32845", "CVE-2022-32847", "CVE-2022-32848", "CVE-2022-32849", "CVE-2022-32851", "CVE-2022-32852", "CVE-2022-32853", "CVE-2022-32857", "CVE-2022-32860", "CVE-2022-32861", "CVE-2022-32863", "CVE-2022-32880", "CVE-2022-32910", "CVE-2022-32948", "CVE-2022-42805"], "modified": "2022-07-20T00:00:00", "id": "APPLE:71C798D0F46D1E956B1D27B4A004E9B9", "href": "https://support.apple.com/kb/HT213345", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-10-29T05:59:12", "description": "# About the security content of watchOS 8.7\n\nThis document describes the security content of watchOS 8.7.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## watchOS 8.7\n\nReleased July 20, 2022\n\n**APFS**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: An app with root privileges may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32832: Tommy Muir (@Muirey03)\n\n**AppleAVD**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A remote user may be able to cause kernel code execution\n\nDescription: A buffer overflow issue was addressed with improved bounds checking.\n\nCVE-2022-32788: Natalie Silvanovich of Google Project Zero\n\n**AppleAVD**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32824: Antonio Zekic (@antoniozekic) and John Aakerblom (@jaakerblom)\n\n**AppleMobileFileIntegrity**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: An app may be able to gain root privileges\n\nDescription: An authorization issue was addressed with improved state management.\n\nCVE-2022-32826: Mickey Jin (@patch1t) of Trend Micro\n\n**Apple Neural Engine**\n\nAvailable for devices with Apple Neural Engine: Apple Watch Series 4 and later\n\nImpact: An app may be able to break out of its sandbox\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32845: Mohamed Ghannam (@_simo36)\n\n**Apple Neural Engine**\n\nAvailable for devices with Apple Neural Engine: Apple Watch Series 4 and later\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32840: Mohamed Ghannam (@_simo36)\n\n**Apple Neural Engine**\n\nAvailable for devices with Apple Neural Engine: Apple Watch Series 4 and later\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32810: Mohamed Ghannam (@_simo36)\n\n**Audio**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds write issue was addressed with improved input validation.\n\nCVE-2022-32820: an anonymous researcher\n\n**Audio**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32825: John Aakerblom (@jaakerblom)\n\n**CoreText**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A remote user may cause an unexpected app termination or arbitrary code execution\n\nDescription: The issue was addressed with improved bounds checks.\n\nCVE-2022-32839: STAR Labs (@starlabs_sg)\n\n**File System Events**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: An app may be able to gain root privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32819: Joshua Mason of Mandiant\n\n**GPU Drivers**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: Multiple out-of-bounds write issues were addressed with improved bounds checking.\n\nCVE-2022-32793: an anonymous researcher\n\n**GPU Drivers**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2022-32821: John Aakerblom (@jaakerblom)\n\n**ICU**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-32787: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ.\n\n**ImageIO**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing a maliciously crafted image may result in disclosure of process memory\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32841: hjy79425575\n\n**Kernel**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: An app with root privileges may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32813: Xinru Chi of Pangu Lab\n\nCVE-2022-32815: Xinru Chi of Pangu Lab\n\n**Kernel**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: An out-of-bounds read issue was addressed with improved bounds checking.\n\nCVE-2022-32817: Xinru Chi of Pangu Lab\n\n**Kernel**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32844: Sreejith Krishnan R (@skr0x1c0)\n\n**Liblouis**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: An app may cause unexpected app termination or arbitrary code execution\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-26981: Hexhive (hexhive.epfl.ch), NCNIPC of China (nipc.org.cn)\n\n**libxml2**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: An app may be able to leak sensitive user information\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2022-32823\n\n**Multi-Touch**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A type confusion issue was addressed with improved checks.\n\nCVE-2022-32814: Pan ZhenPeng (@Peterpan0927)\n\n**Multi-Touch**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A type confusion issue was addressed with improved state handling.\n\nCVE-2022-32814: Pan ZhenPeng (@Peterpan0927)\n\n**Software Update**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A user in a privileged network position can track a user\u2019s activity\n\nDescription: This issue was addressed by using HTTPS when sending information over the network.\n\nCVE-2022-32857: Jeffrey Paul (sneak.berlin)\n\n**WebKit**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Visiting a website that frames malicious content may lead to UI spoofing\n\nDescription: The issue was addressed with improved UI handling.\n\nWebKit Bugzilla: 239316 \nCVE-2022-32816: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ.\n\n**WebKit**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved input validation.\n\nWebKit Bugzilla: 240720 \nCVE-2022-32792: Manfred Paul (@_manfp) working with Trend Micro Zero Day Initiative\n\n**Wi-Fi**\n\nAvailable for: Apple Watch Series 3 and later\n\nImpact: A remote user may be able to cause unexpected system termination or corrupt kernel memory\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32847: Wang Yu of Cyberserval\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**AppleMobileFileIntegrity**\n\nWe would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security, Mickey Jin (@patch1t) of Trend Micro, and Wojciech Regu\u0142a (@_r3ggi) of SecuRing for their assistance.\n\n**configd**\n\nWe would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security, Mickey Jin (@patch1t) of Trend Micro, and Wojciech Regu\u0142a (@_r3ggi) of SecuRing for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: July 20, 2022\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-07-20T00:00:00", "type": "apple", "title": "About the security content of watchOS 8.7", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-26981", "CVE-2022-32787", "CVE-2022-32788", "CVE-2022-32792", "CVE-2022-32793", "CVE-2022-32810", "CVE-2022-32813", "CVE-2022-32814", "CVE-2022-32815", "CVE-2022-32816", "CVE-2022-32817", "CVE-2022-32819", "CVE-2022-32820", "CVE-2022-32821", "CVE-2022-32823", "CVE-2022-32824", "CVE-2022-32825", "CVE-2022-32826", "CVE-2022-32832", "CVE-2022-32839", "CVE-2022-32840", "CVE-2022-32841", "CVE-2022-32844", "CVE-2022-32845", "CVE-2022-32847", "CVE-2022-32857"], "modified": "2022-07-20T00:00:00", "id": "APPLE:36D1157BC66453E0491C66ACBF433EE9", "href": "https://support.apple.com/kb/HT213340", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-10-29T05:58:51", "description": "# About the security content of tvOS 15.6\n\nThis document describes the security content of tvOS 15.6.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## tvOS 15.6\n\nReleased July 20, 2022\n\n**APFS**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: An app with root privileges may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32832: Tommy Muir (@Muirey03)\n\n**AppleAVD**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: A remote user may be able to cause kernel code execution\n\nDescription: A buffer overflow issue was addressed with improved bounds checking.\n\nCVE-2022-32788: Natalie Silvanovich of Google Project Zero\n\n**AppleAVD**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32824: Antonio Zekic (@antoniozekic) and John Aakerblom (@jaakerblom)\n\n**AppleMobileFileIntegrity**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: An app may be able to gain root privileges\n\nDescription: An authorization issue was addressed with improved state management.\n\nCVE-2022-32826: Mickey Jin (@patch1t) of Trend Micro\n\n**Audio**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds write issue was addressed with improved input validation.\n\nCVE-2022-32820: an anonymous researcher\n\n**Audio**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32825: John Aakerblom (@jaakerblom)\n\n**CoreMedia**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32828: Antonio Zekic (@antoniozekic) and John Aakerblom (@jaakerblom)\n\n**CoreText**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: A remote user may cause an unexpected app termination or arbitrary code execution\n\nDescription: The issue was addressed with improved bounds checks.\n\nCVE-2022-32839: STAR Labs (@starlabs_sg)\n\n**File System Events**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: An app may be able to gain root privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32819: Joshua Mason of Mandiant\n\n**GPU Drivers**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: Multiple out-of-bounds write issues were addressed with improved bounds checking.\n\nCVE-2022-32793: an anonymous researcher\n\n**GPU Drivers**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2022-32821: John Aakerblom (@jaakerblom)\n\n**iCloud Photo Library**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: An app may be able to access sensitive user information\n\nDescription: An information disclosure issue was addressed by removing the vulnerable code.\n\nCVE-2022-32849: Joshua Jones\n\n**ICU**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-32787: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ.\n\n**ImageIO**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: Processing a maliciously crafted image may result in disclosure of process memory\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32841: hjy79425575\n\n**ImageIO**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: Processing a maliciously crafted file may lead to arbitrary code execution\n\nDescription: A logic issue was addressed with improved checks.\n\nCVE-2022-32802: Ivan Fratric of Google Project Zero, Mickey Jin (@patch1t)\n\n**ImageIO**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: Processing a maliciously crafted image may lead to disclosure of user information\n\nDescription: An out-of-bounds read issue was addressed with improved bounds checking.\n\nCVE-2022-32830: Ye Zhang (@co0py_Cat) of Baidu Security\n\n**Kernel**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: An app with root privileges may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32813: Xinru Chi of Pangu Lab\n\nCVE-2022-32815: Xinru Chi of Pangu Lab\n\n**Kernel**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: An out-of-bounds read issue was addressed with improved bounds checking.\n\nCVE-2022-32817: Xinru Chi of Pangu Lab\n\n**Kernel**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32844: Sreejith Krishnan R (@skr0x1c0)\n\n**Liblouis**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: An app may cause unexpected app termination or arbitrary code execution\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-26981: Hexhive (hexhive.epfl.ch), NCNIPC of China (nipc.org.cn)\n\n**libxml2**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: An app may be able to leak sensitive user information\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2022-32823\n\n**Multi-Touch**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A type confusion issue was addressed with improved checks.\n\nCVE-2022-32814: Pan ZhenPeng (@Peterpan0927)\n\n**Software Update**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: A user in a privileged network position can track a user\u2019s activity\n\nDescription: This issue was addressed by using HTTPS when sending information over the network.\n\nCVE-2022-32857: Jeffrey Paul (sneak.berlin)\n\n**WebKit**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: Visiting a website that frames malicious content may lead to UI spoofing\n\nDescription: The issue was addressed with improved UI handling.\n\nWebKit Bugzilla: 239316 \nCVE-2022-32816: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ.\n\n**WebKit**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved input validation.\n\nWebKit Bugzilla: 240720 \nCVE-2022-32792: Manfred Paul (@_manfp) working with Trend Micro Zero Day Initiative\n\n**Wi-Fi**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: An app may be able to cause unexpected system termination or write kernel memory\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32837: Wang Yu of Cyberserval\n\n**Wi-Fi**\n\nAvailable for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD\n\nImpact: A remote user may be able to cause unexpected system termination or corrupt kernel memory\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32847: Wang Yu of Cyberserval\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**802.1X**\n\nWe would like to acknowledge Shin Sun of National Taiwan University for their assistance.\n\n**AppleMobileFileIntegrity**\n\nWe would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security, Mickey Jin (@patch1t) of Trend Micro, and Wojciech Regu\u0142a (@_r3ggi) of SecuRing for their assistance.\n\n**configd**\n\nWe would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security, Mickey Jin (@patch1t) of Trend Micro, and Wojciech Regu\u0142a (@_r3ggi) of SecuRing for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: July 20, 2022\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-07-20T00:00:00", "type": "apple", "title": "About the security content of tvOS 15.6", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-26981", "CVE-2022-32787", "CVE-2022-32788", "CVE-2022-32792", "CVE-2022-32793", "CVE-2022-32802", "CVE-2022-32813", "CVE-2022-32814", "CVE-2022-32815", "CVE-2022-32816", "CVE-2022-32817", "CVE-2022-32819", "CVE-2022-32820", "CVE-2022-32821", "CVE-2022-32823", "CVE-2022-32824", "CVE-2022-32825", "CVE-2022-32826", "CVE-2022-32828", "CVE-2022-32830", "CVE-2022-32832", "CVE-2022-32837", "CVE-2022-32839", "CVE-2022-32841", "CVE-2022-32844", "CVE-2022-32847", "CVE-2022-32849", "CVE-2022-32857"], "modified": "2022-07-20T00:00:00", "id": "APPLE:525A1C81291F8006179082509655B7D2", "href": "https://support.apple.com/kb/HT213342", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-11-09T21:58:49", "description": "# About the security content of iOS 15.6 and iPadOS 15.6\n\nThis document describes the security content of iOS 15.6 and iPadOS 15.6.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iOS 15.6 and iPadOS 15.6\n\nReleased July 20, 2022\n\n**APFS**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app with root privileges may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32832: Tommy Muir (@Muirey03)\n\n**AppleAVD**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A remote user may be able to cause kernel code execution\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2022-32788: Natalie Silvanovich of Google Project Zero\n\n**AppleAVD**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32824: Antonio Zekic (@antoniozekic) and John Aakerblom (@jaakerblom)\n\n**AppleMobileFileIntegrity**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app may be able to gain root privileges\n\nDescription: An authorization issue was addressed with improved state management.\n\nCVE-2022-32826: Mickey Jin (@patch1t) of Trend Micro\n\n**Apple Neural Engine**\n\nAvailable for devices with Apple Neural Engine: iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: An integer overflow was addressed with improved input validation.\n\nCVE-2022-42805: Mohamed Ghannam (@_simo36)\n\nEntry added November 9, 2022\n\n**Apple Neural Engine**\n\nAvailable for devices with Apple Neural Engine: iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2022-32948: Mohamed Ghannam (@_simo36)\n\nEntry added November 9, 2022\n\n**Apple Neural Engine**\n\nAvailable for devices with Apple Neural Engine: iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2022-32845: Mohamed Ghannam (@_simo36)\n\nEntry updated November 9, 2022 \n\n**Apple Neural Engine**\n\nAvailable for devices with Apple Neural Engine: iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32840: Mohamed Ghannam (@_simo36)\n\nCVE-2022-32829: Tingting Yin of Tsinghua University, and Min Zheng of Ant Group\n\nEntry updated September 16, 2022\n\n**Apple Neural Engine**\n\nAvailable for devices with Apple Neural Engine: iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32810: Mohamed Ghannam (@_simo36)\n\n**Audio**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds write issue was addressed with improved input validation.\n\nCVE-2022-32820: an anonymous researcher\n\n**Audio**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32825: John Aakerblom (@jaakerblom)\n\n**CoreMedia**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32828: Antonio Zekic (@antoniozekic) and John Aakerblom (@jaakerblom)\n\n**CoreText**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A remote user may cause an unexpected app termination or arbitrary code execution\n\nDescription: The issue was addressed with improved bounds checks.\n\nCVE-2022-32839: STAR Labs (@starlabs_sg)\n\n**File System Events**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app may be able to gain root privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32819: Joshua Mason of Mandiant\n\n**GPU Drivers**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: Multiple out-of-bounds write issues were addressed with improved bounds checking.\n\nCVE-2022-32793: an anonymous researcher\n\n**GPU Drivers**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2022-32821: John Aakerblom (@jaakerblom)\n\n**Home**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A user may be able to view restricted content from the lock screen\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32855: Zitong Wu(\u5434\u6893\u6850) from Zhuhai No.1 Middle School(\u73e0\u6d77\u5e02\u7b2c\u4e00\u4e2d\u5b66)\n\nEntry updated September 16, 2022\n\n**iCloud Photo Library**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app may be able to access sensitive user information\n\nDescription: An information disclosure issue was addressed by removing the vulnerable code.\n\nCVE-2022-32849: Joshua Jones\n\n**ICU**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-32787: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ.\n\n**ImageIO**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted image may result in disclosure of process memory\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32841: hjy79425575\n\n**ImageIO**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted file may lead to arbitrary code execution\n\nDescription: A logic issue was addressed with improved checks.\n\nCVE-2022-32802: Ivan Fratric of Google Project Zero, Mickey Jin (@patch1t)\n\n**ImageIO**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted image may lead to disclosure of user information\n\nDescription: An out-of-bounds read issue was addressed with improved bounds checking.\n\nCVE-2022-32830: Ye Zhang (@co0py_Cat) of Baidu Security\n\n**ImageIO**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing an image may lead to a denial-of-service\n\nDescription: A null pointer dereference was addressed with improved validation.\n\nCVE-2022-32785: Yi\u011fit Can YILMAZ (@yilmazcanyigit)\n\n**IOMobileFrameBuffer**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2022-26768: an anonymous researcher\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app with root privileges may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32813: Xinru Chi of Pangu Lab\n\nCVE-2022-32815: Xinru Chi of Pangu Lab\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: An out-of-bounds read issue was addressed with improved bounds checking.\n\nCVE-2022-32817: Xinru Chi of Pangu Lab\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32844: Sreejith Krishnan R (@skr0x1c0)\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication\n\nDescription: A race condition was addressed with improved state handling.\n\nCVE-2022-32844: Sreejith Krishnan R (@skr0x1c0)\n\n**Liblouis**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app may cause unexpected app termination or arbitrary code execution\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-26981: Hexhive (hexhive.epfl.ch), NCNIPC of China (nipc.org.cn)\n\n**libxml2**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app may be able to leak sensitive user information\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2022-32823\n\n**Multi-Touch**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A type confusion issue was addressed with improved state handling.\n\nCVE-2022-32814: Pan ZhenPeng (@Peterpan0927)\n\n**PluginKit**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app may be able to read arbitrary files\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32838: Mickey Jin (@patch1t) of Trend Micro\n\n**Safari Extensions**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Visiting a maliciously crafted website may leak sensitive data\n\nDescription: The issue was addressed with improved UI handling.\n\nCVE-2022-32784: Young Min Kim of CompSec Lab at Seoul National University\n\n**Software Update**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A user in a privileged network position can track a user\u2019s activity\n\nDescription: This issue was addressed by using HTTPS when sending information over the network.\n\nCVE-2022-32857: Jeffrey Paul (sneak.berlin)\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Visiting a website that frames malicious content may lead to UI spoofing\n\nDescription: The issue was addressed with improved UI handling.\n\nWebKit Bugzilla: 239316 \nCVE-2022-32816: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ.\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved input validation.\n\nWebKit Bugzilla: 240720 \nCVE-2022-32792: Manfred Paul (@_manfp) working with Trend Micro Zero Day Initiative\n\n**WebRTC**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nWebKit Bugzilla: 242339 \nCVE-2022-2294: Jan Vojtesek of Avast Threat Intelligence team\n\n**Wi-Fi**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds write was addressed with improved input validation.\n\nCVE-2022-32860: Wang Yu of Cyberserval\n\nEntry added November 9, 2022\n\n**Wi-Fi**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app may be able to cause unexpected system termination or write kernel memory\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32837: Wang Yu of Cyberserval\n\n**Wi-Fi**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A remote user may be able to cause unexpected system termination or corrupt kernel memory\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32847: Wang Yu of Cyberserval\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**802.1X**\n\nWe would like to acknowledge Shin Sun of National Taiwan University for their assistance.\n\n**AppleMobileFileIntegrity**\n\nWe would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security, Mickey Jin (@patch1t) of Trend Micro, and Wojciech Regu\u0142a (@_r3ggi) of SecuRing for their assistance.\n\n**configd**\n\nWe would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security, Mickey Jin (@patch1t) of Trend Micro, and Wojciech Regu\u0142a (@_r3ggi) of SecuRing for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: November 09, 2022\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-07-20T00:00:00", "type": "apple", "title": "About the security content of iOS 15.6 and iPadOS 15.6", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2294", "CVE-2022-26768", "CVE-2022-26981", "CVE-2022-32784", "CVE-2022-32785", "CVE-2022-32787", "CVE-2022-32788", "CVE-2022-32792", "CVE-2022-32793", "CVE-2022-32802", "CVE-2022-32810", "CVE-2022-32813", "CVE-2022-32814", "CVE-2022-32815", "CVE-2022-32816", "CVE-2022-32817", "CVE-2022-32819", "CVE-2022-32820", "CVE-2022-32821", "CVE-2022-32823", "CVE-2022-32824", "CVE-2022-32825", "CVE-2022-32826", "CVE-2022-32828", "CVE-2022-32829", "CVE-2022-32830", "CVE-2022-32832", "CVE-2022-32837", "CVE-2022-32838", "CVE-2022-32839", "CVE-2022-32840", "CVE-2022-32841", "CVE-2022-32844", "CVE-2022-32845", "CVE-2022-32847", "CVE-2022-32849", "CVE-2022-32855", "CVE-2022-32857", "CVE-2022-32860", "CVE-2022-32948", "CVE-2022-42805"], "modified": "2022-07-20T00:00:00", "id": "APPLE:DF68F7FFE1ED4E5157204A83619C4B89", "href": "https://support.apple.com/kb/HT213346", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-10-29T05:58:59", "description": "# About the security content of macOS Monterey 12.4\n\nThis document describes the security content of macOS Monterey 12.4.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## macOS Monterey 12.4\n\nReleased May 16, 2022\n\n**AMD**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2022-26772: an anonymous researcher\n\n**AMD**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nCVE-2022-26741: ABC Research s.r.o\n\nCVE-2022-26742: ABC Research s.r.o\n\nCVE-2022-26749: ABC Research s.r.o\n\nCVE-2022-26750: ABC Research s.r.o\n\nCVE-2022-26752: ABC Research s.r.o\n\nCVE-2022-26753: ABC Research s.r.o\n\nCVE-2022-26754: ABC Research s.r.o\n\n**apache**\n\nAvailable for: macOS Monterey\n\nImpact: Multiple issues in apache\n\nDescription: Multiple issues were addressed by updating apache to version 2.4.53.\n\nCVE-2021-44224\n\nCVE-2021-44790\n\nCVE-2022-22719\n\nCVE-2022-22720\n\nCVE-2022-22721\n\n**AppleGraphicsControl**\n\nAvailable for: macOS Monterey\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2022-26751: Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative\n\n**AppleMobileFileIntegrity**\n\nAvailable for: macOS Monterey\n\nImpact: A user may be able to view sensitive user information\n\nDescription: An issue in the handling of environment variables was addressed with improved validation.\n\nCVE-2022-26707: Wojciech Regu\u0142a (@_r3ggi) of SecuRing\n\nEntry added July 6, 2022\n\n**AppleScript**\n\nAvailable for: macOS Monterey\n\nImpact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory\n\nDescription: An out-of-bounds read issue was addressed with improved input validation.\n\nCVE-2022-26697: Qi Sun and Robert Ai of Trend Micro\n\n**AppleScript**\n\nAvailable for: macOS Monterey\n\nImpact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory\n\nDescription: An out-of-bounds read issue was addressed with improved bounds checking.\n\nCVE-2022-26698: Qi Sun of Trend Micro, Ye Zhang (@co0py_Cat) of Baidu Security\n\nEntry updated July 6, 2022\n\n**AVEVideoEncoder**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-26736: an anonymous researcher\n\nCVE-2022-26737: an anonymous researcher\n\nCVE-2022-26738: an anonymous researcher\n\nCVE-2022-26739: an anonymous researcher\n\nCVE-2022-26740: an anonymous researcher\n\n**Bluetooth**\n\nAvailable for: macOS Monterey\n\nImpact: An app may gain unauthorized access to Bluetooth\n\nDescription: A logic issue was addressed with improved checks.\n\nCVE-2022-32783: Jon Thompson of Evolve (Des Moines, IA)\n\nEntry added July 6, 2022\n\n**Contacts**\n\nAvailable for: macOS Monterey\n\nImpact: A plug-in may be able to inherit the application's permissions and access user data\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-26694: Wojciech Regu\u0142a (@_r3ggi) of SecuRing\n\n**CVMS**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious application may be able to gain root privileges\n\nDescription: A memory initialization issue was addressed.\n\nCVE-2022-26721: Yonghwi Jin (@jinmo123) of Theori\n\nCVE-2022-26722: Yonghwi Jin (@jinmo123) of Theori\n\n**DriverKit**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious application may be able to execute arbitrary code with system privileges\n\nDescription: An out-of-bounds access issue was addressed with improved bounds checking.\n\nCVE-2022-26763: Linus Henze of Pinauten GmbH (pinauten.de)\n\n**FaceTime**\n\nAvailable for: macOS Monterey\n\nImpact: An app with root privileges may be able to access private information\n\nDescription: This issue was addressed by enabling hardened runtime.\n\nCVE-2022-32781: Wojciech Regu\u0142a (@_r3ggi) of SecuRing\n\nEntry added July 6, 2022\n\n**ImageIO**\n\nAvailable for: macOS Monterey\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: An integer overflow issue was addressed with improved input validation.\n\nCVE-2022-26711: actae0n of Blacksun Hackers Club working with Trend Micro Zero Day Initiative\n\n**ImageIO**\n\nAvailable for: macOS Monterey\n\nImpact: Photo location information may persist after it is removed with Preview Inspector\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-26725: Andrew Williams and Avi Drissman of Google\n\n**Intel Graphics Driver**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-26720: Liu Long of Ant Security Light-Year Lab\n\n**Intel Graphics Driver**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2022-26769: Antonio Zekic (@antoniozekic)\n\n**Intel Graphics Driver**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds read issue was addressed with improved input validation.\n\nCVE-2022-26770: Liu Long of Ant Security Light-Year Lab\n\n**Intel Graphics Driver**\n\nAvailable for: macOS Monterey\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved input validation.\n\nCVE-2022-26748: Jeonghoon Shin of Theori working with Trend Micro Zero Day Initiative\n\n**Intel Graphics Driver**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds write issue was addressed with improved input validation.\n\nCVE-2022-26756: Jack Dates of RET2 Systems, Inc\n\n**IOKit**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A race condition was addressed with improved locking.\n\nCVE-2022-26701: chenyuwang (@mzzzz__) of Tencent Security Xuanwu Lab\n\n**IOMobileFrameBuffer**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2022-26768: an anonymous researcher\n\n**Kernel**\n\nAvailable for: macOS Monterey\n\nImpact: An attacker that has already achieved code execution in macOS Recovery may be able to escalate to kernel privileges\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-26743: Jordy Zomer (@pwningsystems)\n\n**Kernel**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2022-26714: Peter Nguy\u1ec5n V\u0169 Ho\u00e0ng (@peternguyen14) of STAR Labs (@starlabs_sg)\n\n**Kernel**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2022-26757: Ned Williamson of Google Project Zero\n\n**Kernel**\n\nAvailable for: macOS Monterey\n\nImpact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2022-26764: Linus Henze of Pinauten GmbH (pinauten.de)\n\n**Kernel**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication\n\nDescription: A race condition was addressed with improved state handling.\n\nCVE-2022-26765: Linus Henze of Pinauten GmbH (pinauten.de)\n\n**LaunchServices**\n\nAvailable for: macOS Monterey\n\nImpact: A sandboxed process may be able to circumvent sandbox restrictions\n\nDescription: An access issue was addressed with additional sandbox restrictions on third-party applications.\n\nCVE-2022-26706: Arsenii Kostromin (0x3c3e), Jonathan Bar Or of Microsoft\n\nEntry updated July 6, 2022\n\n**LaunchServices**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious application may be able to bypass Privacy preferences\n\nDescription: The issue was addressed with additional permissions checks.\n\nCVE-2022-26767: Wojciech Regu\u0142a (@_r3ggi) of SecuRing\n\n**Libinfo**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to bypass Privacy preferences\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32882: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab\n\nEntry added September 16, 2022\n\n**libresolv**\n\nAvailable for: macOS Monterey\n\nImpact: A remote user may be able to cause a denial-of-service\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32790: Max Shavrick (@_mxms) of the Google Security Team\n\nEntry added June 21, 2022\n\n**libresolv**\n\nAvailable for: macOS Monterey\n\nImpact: An attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-26776: Zubair Ashraf of Crowdstrike, Max Shavrick (@_mxms) of the Google Security Team\n\nCVE-2022-26708: Max Shavrick (@_mxms) of the Google Security Team\n\n**libresolv**\n\nAvailable for: macOS Monterey\n\nImpact: An attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: An integer overflow was addressed with improved input validation.\n\nCVE-2022-26775: Max Shavrick (@_mxms) of the Google Security Team\n\n**LibreSSL**\n\nAvailable for: macOS Monterey\n\nImpact: Processing a maliciously crafted certificate may lead to a denial of service\n\nDescription: A denial of service issue was addressed with improved input validation.\n\nCVE-2022-0778\n\n**libxml2**\n\nAvailable for: macOS Monterey\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2022-23308\n\n**OpenSSL**\n\nAvailable for: macOS Monterey\n\nImpact: Processing a maliciously crafted certificate may lead to a denial of service\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-0778\n\n**PackageKit**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to gain elevated privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32794: Mickey Jin (@patch1t)\n\nEntry added October 4, 2022\n\n**PackageKit**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-22617: Mickey Jin (@patch1t)\n\nEntry added July 6, 2022\n\n**PackageKit**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious application may be able to modify protected parts of the file system\n\nDescription: This issue was addressed by removing the vulnerable code.\n\nCVE-2022-26712: Mickey Jin (@patch1t)\n\n**PackageKit**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious application may be able to modify protected parts of the file system\n\nDescription: This issue was addressed with improved entitlements.\n\nCVE-2022-26727: Mickey Jin (@patch1t)\n\n**Photo Booth**\n\nAvailable for: macOS Monterey\n\nImpact: An app with root privileges may be able to access private information\n\nDescription: This issue was addressed by enabling hardened runtime.\n\nCVE-2022-32782: Wojciech Regu\u0142a (@_r3ggi) of SecuRing\n\nEntry added July 6, 2022\n\n**Preview**\n\nAvailable for: macOS Monterey\n\nImpact: A plug-in may be able to inherit the application's permissions and access user data\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-26693: Wojciech Regu\u0142a (@_r3ggi) of SecuRing\n\n**Printing**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious application may be able to bypass Privacy preferences\n\nDescription: This issue was addressed by removing the vulnerable code.\n\nCVE-2022-26746: @gorelics\n\n**Safari Private Browsing**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious website may be able to track users in Safari private browsing mode\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-26731: an anonymous researcher\n\n**Security**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious app may be able to bypass signature validation\n\nDescription: A certificate parsing issue was addressed with improved checks.\n\nCVE-2022-26766: Linus Henze of Pinauten GmbH (pinauten.de)\n\n**SMB**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-26715: Peter Nguy\u1ec5n V\u0169 Ho\u00e0ng of STAR Labs\n\n**SMB**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: An out-of-bounds read issue was addressed with improved input validation.\n\nCVE-2022-26718: Peter Nguy\u1ec5n V\u0169 Ho\u00e0ng of STAR Labs\n\n**SMB**\n\nAvailable for: macOS Monterey\n\nImpact: Mounting a maliciously crafted Samba network share may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2022-26723: Felix Poulin-Belanger\n\n**SoftwareUpdate**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious application may be able to access restricted files\n\nDescription: This issue was addressed with improved entitlements.\n\nCVE-2022-26728: Mickey Jin (@patch1t)\n\n**Spotlight**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to gain elevated privileges\n\nDescription: A validation issue existed in the handling of symlinks and was addressed with improved validation of symlinks.\n\nCVE-2022-26704: Joshua Mason of Mandiant\n\nEntry updated July 6, 2022\n\n**TCC**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to capture a user's screen\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-26726: an anonymous researcher\n\n**Tcl**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: This issue was addressed with improved environment sanitization.\n\nCVE-2022-26755: Arsenii Kostromin (0x3c3e)\n\n**Terminal**\n\nAvailable for: macOS Monterey\n\nImpact: A sandboxed process may be able to circumvent sandbox restrictions\n\nDescription: This issue was addressed with improved environment sanitization.\n\nCVE-2022-26696: Ron Waisberg, Wojciech Regu\u0142a (@_r3ggi) of SecuRing\n\nEntry added September 16, 2022\n\n**WebKit**\n\nAvailable for: macOS Monterey\n\nImpact: Processing maliciously crafted web content may lead to code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nWebKit Bugzilla: 238178 \nCVE-2022-26700: ryuzaki\n\n**WebKit**\n\nAvailable for: macOS Monterey\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nWebKit Bugzilla: 236950 \nCVE-2022-26709: Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab\n\nWebKit Bugzilla: 237475 \nCVE-2022-26710: Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab\n\nWebKit Bugzilla: 238171 \nCVE-2022-26717: Jeonghoon Shin of Theori\n\n**WebKit**\n\nAvailable for: macOS Monterey\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nWebKit Bugzilla: 238183 \nCVE-2022-26716: SorryMybad (@S0rryMybad) of Kunlun Lab\n\nWebKit Bugzilla: 238699 \nCVE-2022-26719: Dongzhuo Zhao working with ADLab of Venustech\n\n**WebRTC**\n\nAvailable for: macOS Monterey\n\nImpact: Video self-preview in a webRTC call may be interrupted if the user answers a phone call\n\nDescription: A logic issue in the handling of concurrent media was addressed with improved state handling.\n\nWebKit Bugzilla: 237524 \nCVE-2022-22677: an anonymous researcher\n\n**Wi-Fi**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious application may disclose restricted memory\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2022-26745: Scarlet Raine\n\nEntry updated July 6, 2022\n\n**Wi-Fi**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2022-26761: Wang Yu of Cyberserval\n\n**Wi-Fi**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2022-26762: Wang Yu of Cyberserval\n\n**zip**\n\nAvailable for: macOS Monterey\n\nImpact: Processing a maliciously crafted file may lead to a denial of service\n\nDescription: A denial of service issue was addressed with improved state handling.\n\nCVE-2022-0530\n\n**zlib**\n\nAvailable for: macOS Monterey\n\nImpact: An attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2018-25032: Tavis Ormandy\n\n**zsh**\n\nAvailable for: macOS Monterey\n\nImpact: A remote attacker may be able to cause arbitrary code execution\n\nDescription: This issue was addressed by updating to zsh version 5.8.1.\n\nCVE-2021-45444\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**AppleMobileFileIntegrity**\n\nWe would like to acknowledge Wojciech Regu\u0142a (@_r3ggi) of SecuRing for their assistance.\n\n**Bluetooth**\n\nWe would like to acknowledge Jann Horn of Project Zero for their assistance.\n\n**Calendar**\n\nWe would like to acknowledge Eugene Lim of Government Technology Agency of Singapore for their assistance.\n\n**FaceTime**\n\nWe would like to acknowledge Wojciech Regu\u0142a (@_r3ggi) of SecuRing for their assistance.\n\n**FileVault**\n\nWe would like to acknowledge Benjamin Adolphi of Promon Germany GmbH for their assistance.\n\n**Login Window**\n\nWe would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance.\n\n**Photo Booth**\n\nWe would like to acknowledge Wojciech Regu\u0142a (@_r3ggi) of SecuRing for their assistance.\n\n**System Preferences**\n\nWe would like to acknowledge Mohammad Tausif Siddiqui (@toshsiddiqui) and an anonymous researcher for their assistance.\n\nEntry updated May 25, 2022 \n\n**WebKit**\n\nWe would like to acknowledge James Lee and an anonymous researcher for their assistance.\n\nEntry updated May 25, 2022 \n\n**Wi-Fi**\n\nWe would like to acknowledge Dana Morrison for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: October 04, 2022\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-16T00:00:00", "type": "apple", "title": "About the security content of macOS Monterey 12.4", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-25032", "CVE-2021-44224", "CVE-2021-44790", "CVE-2021-45444", "CVE-2022-0530", "CVE-2022-0778", "CVE-2022-22617", "CVE-2022-22677", "CVE-2022-22719", "CVE-2022-22720", "CVE-2022-22721", "CVE-2022-23308", "CVE-2022-26693", "CVE-2022-26694", "CVE-2022-26696", "CVE-2022-26697", "CVE-2022-26698", "CVE-2022-26700", "CVE-2022-26701", "CVE-2022-26704", "CVE-2022-26706", "CVE-2022-26707", "CVE-2022-26708", "CVE-2022-26709", "CVE-2022-26710", "CVE-2022-26711", "CVE-2022-26712", "CVE-2022-26714", "CVE-2022-26715", "CVE-2022-26716", "CVE-2022-26717", "CVE-2022-26718", "CVE-2022-26719", "CVE-2022-26720", "CVE-2022-26721", "CVE-2022-26722", "CVE-2022-26723", "CVE-2022-26725", "CVE-2022-26726", "CVE-2022-26727", "CVE-2022-26728", "CVE-2022-26731", "CVE-2022-26736", "CVE-2022-26737", "CVE-2022-26738", "CVE-2022-26739", "CVE-2022-26740", "CVE-2022-26741", "CVE-2022-26742", "CVE-2022-26743", "CVE-2022-26745", "CVE-2022-26746", "CVE-2022-26748", "CVE-2022-26749", "CVE-2022-26750", "CVE-2022-26751", "CVE-2022-26752", "CVE-2022-26753", "CVE-2022-26754", "CVE-2022-26755", "CVE-2022-26756", "CVE-2022-26757", "CVE-2022-26761", "CVE-2022-26762", "CVE-2022-26763", "CVE-2022-26764", "CVE-2022-26765", "CVE-2022-26766", "CVE-2022-26767", "CVE-2022-26768", "CVE-2022-26769", "CVE-2022-26770", "CVE-2022-26772", "CVE-2022-26775", "CVE-2022-26776", "CVE-2022-32781", "CVE-2022-32782", "CVE-2022-32783", "CVE-2022-32790", "CVE-2022-32794", "CVE-2022-32882"], "modified": "2022-05-16T00:00:00", "id": "APPLE:E82A2A3D978FD519CBF58A36F587B070", "href": "https://support.apple.com/kb/HT213257", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-11-18T14:56:52", "description": "# About the security content of macOS Monterey 12.3\n\nThis document describes the security content of macOS Monterey 12.3.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## macOS Monterey 12.3\n\nReleased March 14, 2022\n\n**Accelerate Framework**\n\nAvailable for: macOS Monterey\n\nImpact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2022-22633: ryuzaki\n\nEntry updated May 25, 2022\n\n**AMD**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2022-22669: an anonymous researcher\n\n**AppKit**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious application may be able to gain root privileges\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2022-22665: Lockheed Martin Red Team\n\n**AppleGraphicsControl**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-22631: Wang Yu of cyberserval\n\nEntry updated May 25, 2022\n\n**AppleScript**\n\nAvailable for: macOS Monterey\n\nImpact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2022-22625: Mickey Jin (@patch1t) of Trend Micro\n\n**AppleScript**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to read restricted memory\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-22648: Mickey Jin (@patch1t) of Trend Micro\n\nEntry updated May 25, 2022\n\n**AppleScript**\n\nAvailable for: macOS Monterey\n\nImpact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2022-22626: Mickey Jin (@patch1t) of Trend Micro\n\nCVE-2022-22627: Qi Sun and Robert Ai of Trend Micro\n\n**AppleScript**\n\nAvailable for: macOS Monterey\n\nImpact: Processing a maliciously crafted file may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2022-22597: Qi Sun and Robert Ai of Trend Micro\n\n**BOM**\n\nAvailable for: macOS Monterey\n\nImpact: A maliciously crafted ZIP archive may bypass Gatekeeper checks\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-22616: Ferdous Saljooki (@malwarezoo) and Jaron Bradley (@jbradley89) of Jamf Software, Mickey Jin (@patch1t)\n\n**CoreTypes**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious application may bypass Gatekeeper checks\n\nDescription: This issue was addressed with improved checks to prevent unauthorized actions.\n\nCVE-2022-22663: Arsenii Kostromin (0x3c3e)\n\nEntry added May 25, 2022\n\n**CUPS**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-26691: Joshua Mason of Mandiant\n\nEntry added May 25, 2022\n\n**curl**\n\nAvailable for: macOS Monterey\n\nImpact: Multiple issues in curl\n\nDescription: Multiple issues were addressed by updating to curl version 7.79.1.\n\nCVE-2021-22946\n\nCVE-2021-22947\n\nCVE-2021-22945\n\nEntry updated March 21, 2022\n\n**FaceTime**\n\nAvailable for: macOS Monterey\n\nImpact: A user may send audio and video in a FaceTime call without knowing that they have done so\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-22643: Sonali Luthar of the University of Virginia, Michael Liao of the University of Illinois at Urbana-Champaign, Rohan Pahwa of Rutgers University, and Bao Nguyen of the University of Florida\n\n**GarageBand MIDI**\n\nAvailable for: macOS Monterey\n\nImpact: Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2022-22657: Brandon Perry of Atredis Partners\n\n**GarageBand MIDI**\n\nAvailable for: macOS Monterey\n\nImpact: Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2022-22664: Brandon Perry of Atredis Partners\n\n**Graphics Drivers**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2021-30977: Jack Dates of RET2 Systems, Inc.\n\nEntry added May 25, 2022\n\n**ImageIO**\n\nAvailable for: macOS Monterey\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2022-22611: Xingyu Jin of Google\n\n**ImageIO**\n\nAvailable for: macOS Monterey\n\nImpact: Processing a maliciously crafted image may lead to heap corruption\n\nDescription: A memory consumption issue was addressed with improved memory handling.\n\nCVE-2022-22612: Xingyu Jin of Google\n\n**Intel Graphics Driver**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A type confusion issue was addressed with improved state handling.\n\nCVE-2022-22661: an anonymous researcher, Pan ZhenPeng (@Peterpan0927) of Alibaba Security Pandora Lab\n\nEntry updated May 25, 2022\n\n**IOGPUFamily**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2022-22641: Mohamed Ghannam (@_simo36)\n\n**Kernel**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-22613: Alex, an anonymous researcher\n\n**Kernel**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2022-22614: an anonymous researcher\n\nCVE-2022-22615: an anonymous researcher\n\n**Kernel**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-22632: Keegan Saunders\n\n**Kernel**\n\nAvailable for: macOS Monterey\n\nImpact: An attacker in a privileged position may be able to perform a denial of service attack\n\nDescription: A null pointer dereference was addressed with improved validation.\n\nCVE-2022-22638: derrek (@derrekr6)\n\n**Kernel**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2022-22640: sqrtpwn\n\n**libarchive**\n\nAvailable for: macOS Monterey\n\nImpact: Multiple issues in libarchive\n\nDescription: Multiple memory corruption issues existed in libarchive. These issues were addressed with improved input validation.\n\nCVE-2021-36976\n\n**LLVM**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to delete files for which it does not have permission\n\nDescription: A race condition was addressed with additional validation.\n\nCVE-2022-21658: Florian Weimer (@fweimer)\n\nEntry added May 25, 2022\n\n**Login Window**\n\nAvailable for: macOS Monterey\n\nImpact: A person with access to a Mac may be able to bypass Login Window\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-22647: Yuto Ikeda of Kyushu University\n\nEntry updated May 25, 2022\n\n**LoginWindow**\n\nAvailable for: macOS Monterey\n\nImpact: A local attacker may be able to view the previous logged in user\u2019s desktop from the fast user switching screen\n\nDescription: An authentication issue was addressed with improved state management.\n\nCVE-2022-22656\n\n**MobileAccessoryUpdater**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2022-22672: Siddharth Aeri (@b1n4r1b01)\n\nEntry added May 25, 2022\n\n**NSSpellChecker**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious application may be able to access information about a user's contacts\n\nDescription: A privacy issue existed in the handling of Contact cards. This was addressed with improved state management.\n\nCVE-2022-22644: Thomas Roth (@stacksmashing) of leveldown security\n\nEntry updated May 25, 2022\n\n**PackageKit**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious application may be able to modify protected parts of the file system\n\nDescription: A race condition was addressed with additional validation.\n\nCVE-2022-26690: Mickey Jin (@patch1t) of Trend Micro\n\nEntry added May 25, 2022\n\n**PackageKit**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious app with root privileges may be able to modify the contents of system files\n\nDescription: An issue in the handling of symlinks was addressed with improved validation.\n\nCVE-2022-26688: Mickey Jin (@patch1t) of Trend Micro\n\nEntry added May 25, 2022\n\n**PackageKit**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-22617: Mickey Jin (@patch1t)\n\n**Preferences**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious application may be able to read other applications' settings\n\nDescription: The issue was addressed with additional permissions checks.\n\nCVE-2022-22609: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)\n\n**QuickTime Player**\n\nAvailable for: macOS Monterey\n\nImpact: A plug-in may be able to inherit the application's permissions and access user data\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-22650: Wojciech Regu\u0142a (@_r3ggi) of SecuRing\n\n**Safari Downloads**\n\nAvailable for: macOS Monterey\n\nImpact: A maliciously crafted ZIP archive may bypass Gatekeeper checks\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-22616: Ferdous Saljooki (@malwarezoo) and Jaron Bradley (@jbradley89) of Jamf Software, Mickey Jin (@patch1t)\n\n**Sandbox**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious application may be able to bypass certain Privacy preferences\n\nDescription: The issue was addressed with improved permissions logic.\n\nCVE-2022-22600: Sudhakar Muthumani (@sudhakarmuthu04) of Primefort Private Limited, Khiem Tran\n\nEntry updated May 25, 2022\n\n**Siri**\n\nAvailable for: macOS Monterey\n\nImpact: A person with physical access to a device may be able to use Siri to obtain some location information from the lock screen\n\nDescription: A permissions issue was addressed with improved validation.\n\nCVE-2022-22599: Andrew Goldberg of the University of Texas at Austin, McCombs School of Business (linkedin.com/andrew-goldberg-/)\n\nEntry updated May 25, 2022\n\n**SMB**\n\nAvailable for: macOS Monterey\n\nImpact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-22651: Felix Poulin-Belanger\n\n**SoftwareUpdate**\n\nAvailable for: macOS Monterey\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-22639: Mickey Jin (@patch1t)\n\n**System Preferences**\n\nAvailable for: macOS Monterey\n\nImpact: An app may be able to spoof system notifications and UI\n\nDescription: This issue was addressed with a new entitlement.\n\nCVE-2022-22660: Guilherme Rambo of Best Buddy Apps (rambo.codes)\n\n**UIKit**\n\nAvailable for: macOS Monterey\n\nImpact: A person with physical access to an iOS device may be able to see sensitive information via keyboard suggestions\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-22621: Joey Hewitt\n\n**Vim**\n\nAvailable for: macOS Monterey\n\nImpact: Multiple issues in Vim\n\nDescription: Multiple issues were addressed by updating Vim.\n\nCVE-2021-4136\n\nCVE-2021-4166\n\nCVE-2021-4173\n\nCVE-2021-4187\n\nCVE-2021-4192\n\nCVE-2021-4193\n\nCVE-2021-46059\n\nCVE-2022-0128\n\nCVE-2022-0156\n\nCVE-2022-0158\n\n**VoiceOver**\n\nAvailable for: macOS Monterey\n\nImpact: A user may be able to view restricted content from the lock screen\n\nDescription: A lock screen issue was addressed with improved state management.\n\nCVE-2021-30918: an anonymous researcher\n\n**WebKit**\n\nAvailable for: macOS Monterey\n\nImpact: Processing maliciously crafted web content may disclose sensitive user information\n\nDescription: A cookie management issue was addressed with improved state management.\n\nWebKit Bugzilla: 232748 \nCVE-2022-22662: Prakash (@1lastBr3ath) of Threat Nix\n\n**WebKit**\n\nAvailable for: macOS Monterey\n\nImpact: Processing maliciously crafted web content may lead to code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nWebKit Bugzilla: 232812 \nCVE-2022-22610: Quan Yin of Bigo Technology Live Client Team\n\n**WebKit**\n\nAvailable for: macOS Monterey\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nWebKit Bugzilla: 233172 \nCVE-2022-22624: Kirin (@Pwnrin) of Tencent Security Xuanwu Lab\n\nWebKit Bugzilla: 234147 \nCVE-2022-22628: Kirin (@Pwnrin) of Tencent Security Xuanwu Lab\n\n**WebKit**\n\nAvailable for: macOS Monterey\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nWebKit Bugzilla: 234966 \nCVE-2022-22629: Jeonghoon Shin at Theori working with Trend Micro Zero Day Initiative\n\n**WebKit**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious website may cause unexpected cross-origin behavior\n\nDescription: A logic issue was addressed with improved state management.\n\nWebKit Bugzilla: 235294 \nCVE-2022-22637: Tom McKee of Google\n\n**Wi-Fi**\n\nAvailable for: macOS Monterey\n\nImpact: A malicious application may be able to leak sensitive user information\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2022-22668: MrPhil17\n\n**xar**\n\nAvailable for: macOS Monterey\n\nImpact: A local user may be able to write arbitrary files\n\nDescription: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.\n\nCVE-2022-22582: Richard Warren of NCC Group\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**AirDrop**\n\nWe would like to acknowledge Omar Espino (omespino.com), Ron Masas of BreakPoint.sh for their assistance.\n\n**Bluetooth**\n\nWe would like to acknowledge an anonymous researcher, chenyuwang (@mzzzz__) of Tencent Security Xuanwu Lab for their assistance.\n\n**Face Gallery**\n\nWe would like to acknowledge Tian Zhang (@KhaosT) for their assistance.\n\n**Intel Graphics Driver**\n\nWe would like to acknowledge Jack Dates of RET2 Systems, Inc., Yinyi Wu (@3ndy1) for their assistance.\n\n**Local Authentication**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\n**Notes**\n\nWe would like to acknowledge Nathaniel Ekoniak of Ennate Technologies for their assistance.\n\n**Password Manager**\n\nWe would like to acknowledge Maximilian Golla (@m33x) of Max Planck Institute for Security and Privacy (MPI-SP) for their assistance.\n\n**Siri**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\n**syslog**\n\nWe would like to acknowledge Yonghwi Jin (@jinmo123) of Theori for their assistance.\n\n**TCC**\n\nWe would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance.\n\n**UIKit**\n\nWe would like to acknowledge Tim Shadel of Day Logger, Inc. for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge Abdullah Md Shaleh for their assistance.\n\n**WebKit Storage**\n\nWe would like to acknowledge Martin Bajanik of FingerprintJS for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: May 25, 2022\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-14T00:00:00", "type": "apple", "title": "About the security content of macOS Monterey 12.3", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-22945", "CVE-2021-22946", "CVE-2021-22947", "CVE-2021-30918", "CVE-2021-30977", "CVE-2021-36976", "CVE-2021-4136", "CVE-2021-4166", "CVE-2021-4173", "CVE-2021-4187", "CVE-2021-4192", "CVE-2021-4193", "CVE-2021-46059", "CVE-2022-0128", "CVE-2022-0156", "CVE-2022-0158", "CVE-2022-21658", "CVE-2022-22582", "CVE-2022-22597", "CVE-2022-22599", "CVE-2022-22600", "CVE-2022-22609", "CVE-2022-22610", "CVE-2022-22611", "CVE-2022-22612", "CVE-2022-22613", "CVE-2022-22614", "CVE-2022-22615", "CVE-2022-22616", "CVE-2022-22617", "CVE-2022-22621", "CVE-2022-22624", "CVE-2022-22625", "CVE-2022-22626", "CVE-2022-22627", "CVE-2022-22628", "CVE-2022-22629", "CVE-2022-22631", "CVE-2022-22632", "CVE-2022-22633", "CVE-2022-22637", "CVE-2022-22638", "CVE-2022-22639", "CVE-2022-22640", "CVE-2022-22641", "CVE-2022-22643", "CVE-2022-22644", "CVE-2022-22647", "CVE-2022-22648", "CVE-2022-22650", "CVE-2022-22651", "CVE-2022-22656", "CVE-2022-22657", "CVE-2022-22660", "CVE-2022-22661", "CVE-2022-22662", "CVE-2022-22663", "CVE-2022-22664", "CVE-2022-22665", "CVE-2022-22668", "CVE-2022-22669", "CVE-2022-22672", "CVE-2022-26688", "CVE-2022-26690", "CVE-2022-26691"], "modified": "2022-03-14T00:00:00", "id": "APPLE:C9EF751487C406A634B9CBD013ECD410", "href": "https://support.apple.com/kb/HT213183", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-06T17:11:25", "description": "# About the security content of iOS 15.5 and iPadOS 15.5\n\nThis document describes the security content of iOS 15.5 and iPadOS 15.5.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iOS 15.5 and iPadOS 15.5\n\nReleased May 16, 2022\n\n**AppleAVD**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2022-26702: an anonymous researcher\n\n**AppleGraphicsControl**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2022-26751: Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative\n\n**AVEVideoEncoder**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-26736: an anonymous researcher\n\nCVE-2022-26737: an anonymous researcher\n\nCVE-2022-26738: an anonymous researcher\n\nCVE-2022-26739: an anonymous researcher\n\nCVE-2022-26740: an anonymous researcher\n\n**DriverKit**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may be able to execute arbitrary code with system privileges\n\nDescription: An out-of-bounds access issue was addressed with improved bounds checking.\n\nCVE-2022-26763: Linus Henze of Pinauten GmbH (pinauten.de)\n\n**FaceTime**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An app with root privileges may be able to access private information\n\nDescription: This issue was addressed by enabling hardened runtime.\n\nCVE-2022-32781: Wojciech Regu\u0142a (@_r3ggi) of SecuRing\n\nEntry added July 6, 2022\n\n**GPU Drivers**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2022-26744: an anonymous researcher\n\n**ImageIO**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: An integer overflow issue was addressed with improved input validation.\n\nCVE-2022-26711: actae0n of Blacksun Hackers Club working with Trend Micro Zero Day Initiative\n\n**IOKit**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A race condition was addressed with improved locking.\n\nCVE-2022-26701: chenyuwang (@mzzzz__) of Tencent Security Xuanwu Lab\n\n**IOSurfaceAccelerator**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2022-26771: an anonymous researcher\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2022-26714: Peter Nguy\u1ec5n V\u0169 Ho\u00e0ng (@peternguyen14) of STAR Labs (@starlabs_sg)\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2022-26757: Ned Williamson of Google Project Zero\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2022-26764: Linus Henze of Pinauten GmbH (pinauten.de)\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication\n\nDescription: A race condition was addressed with improved state handling.\n\nCVE-2022-26765: Linus Henze of Pinauten GmbH (pinauten.de)\n\n**LaunchServices**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A sandboxed process may be able to circumvent sandbox restrictions\n\nDescription: An access issue was addressed with additional sandbox restrictions on third-party applications.\n\nCVE-2022-26706: Arsenii Kostromin (0x3c3e), Jonathan Bar Or of Microsoft\n\nEntry updated July 6, 2022\n\n**libresolv**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: An integer overflow was addressed with improved input validation.\n\nCVE-2022-26775: Max Shavrick (@_mxms) of the Google Security Team\n\nEntry added June 21, 2022\n\n**libresolv**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-26708: Max Shavrick (@_mxms) of the Google Security Team\n\nEntry added June 21, 2022\n\n**libresolv**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A remote user may be able to cause a denial-of-service\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-32790: Max Shavrick (@_mxms) of the Google Security Team\n\nEntry added June 21, 2022\n\n**libresolv**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-26776: Max Shavrick (@_mxms) of the Google Security Team, Zubair Ashraf of Crowdstrike\n\nEntry added June 21, 2022\n\n**libxml2**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2022-23308\n\n**Notes**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a large input may lead to a denial of service\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-22673: Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College Of Technology Bhopal\n\n**Safari Private Browsing**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious website may be able to track users in Safari private browsing mode\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-26731: an anonymous researcher\n\n**Security**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious app may be able to bypass signature validation\n\nDescription: A certificate parsing issue was addressed with improved checks.\n\nCVE-2022-26766: Linus Henze of Pinauten GmbH (pinauten.de)\n\n**Shortcuts**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A person with physical access to an iOS device may be able to access photos from the lock screen\n\nDescription: An authorization issue was addressed with improved state management.\n\nCVE-2022-26703: Salman Syed (@slmnsd551)\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing maliciously crafted web content may lead to code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nWebKit Bugzilla: 238178 \nCVE-2022-26700: ryuzaki\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nWebKit Bugzilla: 236950 \nCVE-2022-26709: Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab\n\nWebKit Bugzilla: 237475 \nCVE-2022-26710: Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab\n\nWebKit Bugzilla: 238171 \nCVE-2022-26717: Jeonghoon Shin of Theori\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nWebKit Bugzilla: 238183 \nCVE-2022-26716: SorryMybad (@S0rryMybad) of Kunlun Lab\n\nWebKit Bugzilla: 238699 \nCVE-2022-26719: Dongzhuo Zhao working with ADLab of Venustech\n\n**WebRTC**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Video self-preview in a webRTC call may be interrupted if the user answers a phone call\n\nDescription: A logic issue in the handling of concurrent media was addressed with improved state handling.\n\nWebKit Bugzilla: 237524 \nCVE-2022-22677: an anonymous researcher\n\n**Wi-Fi**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may disclose restricted memory\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2022-26745: Scarlet Raine\n\nEntry updated July 6, 2022\n\n**Wi-Fi**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2022-26760: 08Tc3wBB of ZecOps Mobile EDR Team\n\n**Wi-Fi**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2015-4142: Kostya Kortchinsky of Google Security Team\n\n**Wi-Fi**\n\nAvailable for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2022-26762: Wang Yu of Cyberserval\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**AppleMobileFileIntegrity**\n\nWe would like to acknowledge Wojciech Regu\u0142a (@_r3ggi) of SecuRing for their assistance.\n\n**FaceTime**\n\nWe would like to acknowledge Wojciech Regu\u0142a (@_r3ggi) of SecuRing for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge James Lee and an anonymous researcher for their assistance.\n\nEntry updated May 25, 2022 \n\n**Wi-Fi**\n\nWe would like to acknowledge 08Tc3wBB of ZecOps Mobile EDR Team for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: July 06, 2022\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-16T00:00:00", "type": "apple", "title": "About the security content of iOS 15.5 and iPadOS 15.5", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4142", "CVE-2022-22673", "CVE-2022-22677", "CVE-2022-23308", "CVE-2022-26700", "CVE-2022-26701", "CVE-2022-26702", "CVE-2022-26703", "CVE-2022-26706", "CVE-2022-26708", "CVE-2022-26709", "CVE-2022-26710", "CVE-2022-26711", "CVE-2022-26714", "CVE-2022-26716", "CVE-2022-26717", "CVE-2022-26719", "CVE-2022-26731", "CVE-2022-26736", "CVE-2022-26737", "CVE-2022-26738", "CVE-2022-26739", "CVE-2022-26740", "CVE-2022-26744", "CVE-2022-26745", "CVE-2022-26751", "CVE-2022-26757", "CVE-2022-26760", "CVE-2022-26762", "CVE-2022-26763", "CVE-2022-26764", "CVE-2022-26765", "CVE-2022-26766", "CVE-2022-26771", "CVE-2022-26775", "CVE-2022-26776", "CVE-2022-32781", "CVE-2022-32790"], "modified": "2022-05-16T00:00:00", "id": "APPLE:A95E7412240FFF6EACC98CE0311A5EE5", "href": "https://support.apple.com/kb/HT213258", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-12-22T14:09:36", "description": "# About the security content of macOS Ventura 13\n\nThis document describes the security content of macOS Ventura 13.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## macOS Ventura 13\n\nReleased October 24, 2022\n\n**Accelerate Framework**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: A memory consumption issue was addressed with improved memory handling.\n\nCVE-2022-42795: ryuzaki\n\n**Apple Neural Engine**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to leak sensitive kernel state\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32858: Mohamed Ghannam (@_simo36)\n\n**Apple Neural Engine**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32898: Mohamed Ghannam (@_simo36)\n\nCVE-2022-32899: Mohamed Ghannam (@_simo36)\n\n**AppleAVD**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to cause a denial-of-service\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2022-32827: Antonio Zekic (@antoniozekic), Natalie Silvanovich of Google Project Zero, an anonymous researcher\n\n**AppleMobileFileIntegrity**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: An issue in code signature validation was addressed with improved checks.\n\nCVE-2022-42789: Koh M. Nakagawa of FFRI Security, Inc.\n\n**AppleMobileFileIntegrity**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to modify protected parts of the file system\n\nDescription: This issue was addressed by removing additional entitlements.\n\nCVE-2022-42825: Mickey Jin (@patch1t)\n\n**ATS**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to bypass Privacy preferences\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32902: Mickey Jin (@patch1t)\n\n**ATS**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: An access issue was addressed with additional sandbox restrictions.\n\nCVE-2022-32904: Mickey Jin (@patch1t)\n\n**ATS**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A sandboxed process may be able to circumvent sandbox restrictions\n\nDescription: A logic issue was addressed with improved checks.\n\nCVE-2022-32890: Mickey Jin (@patch1t)\n\n**Audio**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to gain elevated privileges\n\nDescription: This issue was addressed by removing the vulnerable code.\n\nCVE-2022-42796: an anonymous researcher\n\n**Audio**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Parsing a maliciously crafted audio file may lead to disclosure of user information \n\nDescription: The issue was addressed with improved memory handling. \n\nCVE-2022-42798: Anonymous working with Trend Micro Zero Day Initiative\n\nEntry added October 27, 2022\n\n**AVEVideoEncoder**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved bounds checks.\n\nCVE-2022-32940: ABC Research s.r.o.\n\n**BOM**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may bypass Gatekeeper checks\n\nDescription: A logic issue was addressed with improved checks.\n\nCVE-2022-42821: Jonathan Bar Or of Microsoft\n\nEntry added December 13, 2022\n\n**Calendar**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to read sensitive location information\n\nDescription: An access issue was addressed with improved access restrictions.\n\nCVE-2022-42819: an anonymous researcher\n\n**CFNetwork**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing a maliciously crafted certificate may lead to arbitrary code execution\n\nDescription: A certificate validation issue existed in the handling of WKWebView. This issue was addressed with improved validation.\n\nCVE-2022-42813: Jonathan Zhang of Open Computing Facility (ocf.berkeley.edu)\n\n**ColorSync**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation.\n\nCVE-2022-26730: David Hoyt of Hoyt LLC\n\n**Core Bluetooth**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to record audio with paired AirPods\n\nDescription: An access issue was addressed with additional sandbox restrictions on third-party apps.\n\nCVE-2022-32945: Guilherme Rambo of Best Buddy Apps (rambo.codes)\n\nEntry added November 9, 2022\n\n**CoreMedia**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A camera extension may be able to continue receiving video after the app which activated was closed\n\nDescription: An issue with app access to camera data was addressed with improved logic.\n\nCVE-2022-42838: Halle Winkler (@hallewinkler) of Politepix\n\nEntry added December 22, 2022\n\n**Crash Reporter**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A user with physical access to an iOS device may be able to read past diagnostic logs\n\nDescription: This issue was addressed with improved data protection.\n\nCVE-2022-32867: Kshitij Kumar and Jai Musunuri of Crowdstrike\n\n**curl**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Multiple issues in curl\n\nDescription: Multiple issues were addressed by updating to curl version 7.84.0.\n\nCVE-2022-32205\n\nCVE-2022-32206\n\nCVE-2022-32207\n\nCVE-2022-32208\n\n**Directory Utility**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: A logic issue was addressed with improved checks.\n\nCVE-2022-42814: Sergii Kryvoblotskyi of MacPaw Inc.\n\n**DriverKit**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32865: Linus Henze of Pinauten GmbH (pinauten.de)\n\n**DriverKit**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A type confusion issue was addressed with improved checks.\n\nCVE-2022-32915: Tommy Muir (@Muirey03)\n\n**Exchange**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A user in a privileged network position may be able to intercept mail credentials\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2022-32928: an anonymous researcher\n\n**FaceTime**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A user may be able to view restricted content from the lock screen \n\nDescription: A lock screen issue was addressed with improved state management. \n\nCVE-2022-32935: Bistrit Dahal\n\nEntry added October 27, 2022\n\n**Find My**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A malicious application may be able to read sensitive location information\n\nDescription: A permissions issue existed. This issue was addressed with improved permission validation.\n\nCVE-2022-42788: Csaba Fitzl (@theevilbit) of Offensive Security, Wojciech Regu\u0142a of SecuRing (wojciechregula.blog)\n\n**Finder**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing a maliciously crafted DMG file may lead to arbitrary code execution with system privileges\n\nDescription: This issue was addressed with improved validation of symlinks.\n\nCVE-2022-32905: Ron Masas (breakpoint.sh) of BreakPoint Technologies LTD\n\n**GPU Drivers**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2022-42833: Pan ZhenPeng (@Peterpan0927)\n\nEntry added December 22, 2022\n\n**GPU Drivers**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A type confusion issue was addressed with improved state handling.\n\nCVE-2022-42833: Pan ZhenPeng (@Peterpan0927)\n\nEntry added November 9, 2022\n\n**GPU Drivers**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32947: Asahi Lina (@LinaAsahi)\n\n**Grapher**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing a maliciously crafted gcx file may lead to unexpected app termination or arbitrary code execution\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-42809: Yutao Wang (@Jack) and Yu Zhou (@yuzhou6666)\n\n**Heimdal**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A user may be able to cause unexpected app termination or arbitrary code execution\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-3437: Evgeny Legerov of Intevydis\n\nEntry added October 25, 2022\n\n**iCloud Photo Library**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: An information disclosure issue was addressed by removing the vulnerable code.\n\nCVE-2022-32849: Joshua Jones\n\nEntry added November 9, 2022\n\n**Image Processing**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A sandboxed app may be able to determine which app is currently using the camera\n\nDescription: The issue was addressed with additional restrictions on the observability of app states.\n\nCVE-2022-32913: Yi\u011fit Can YILMAZ (@yilmazcanyigit)\n\n**ImageIO**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing an image may lead to a denial-of-service\n\nDescription: A denial-of-service issue was addressed with improved validation.\n\nCVE-2022-1622\n\n**Intel Graphics Driver**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2022-32936: Antonio Zekic (@antoniozekic)\n\n**IOHIDFamily**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may cause unexpected app termination or arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2022-42820: Peter Pan ZhenPeng of STAR Labs\n\n**IOKit**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A race condition was addressed with improved locking.\n\nCVE-2022-42806: Tingting Yin of Tsinghua University\n\n**Kernel**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to disclose kernel memory\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32864: Linus Henze of Pinauten GmbH (pinauten.de)\n\n**Kernel**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32866: Linus Henze of Pinauten GmbH (pinauten.de)\n\nCVE-2022-32911: Zweig of Kunlun Lab\n\nCVE-2022-32924: Ian Beer of Google Project Zero\n\n**Kernel**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2022-32914: Zweig of Kunlun Lab\n\n**Kernel**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A remote user may be able to cause kernel code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2022-42808: Zweig of Kunlun Lab\n\n**Kernel**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved state management. \n\nCVE-2022-32944: Tim Michaud (@TimGMichaud) of Moveworks.ai\n\nEntry added October 27, 2022\n\n**Kernel**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges \n\nDescription: A race condition was addressed with improved locking. \n\nCVE-2022-42803: Xinru Chi of Pangu Lab, John Aakerblom (@jaakerblom)\n\nEntry added October 27, 2022\n\n**Kernel**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app with root privileges may be able to execute arbitrary code with kernel privileges \n\nDescription: The issue was addressed with improved bounds checks.\n\nCVE-2022-32926: Tim Michaud (@TimGMichaud) of Moveworks.ai\n\nEntry added October 27, 2022\n\n**Kernel**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A logic issue was addressed with improved checks.\n\nCVE-2022-42801: Ian Beer of Google Project Zero\n\nEntry added October 27, 2022\n\n**Mail**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: This issue was addressed with improved data protection.\n\nCVE-2022-42815: Csaba Fitzl (@theevilbit) of Offensive Security\n\n**Maps**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to read sensitive location information\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2022-32883: Ron Masas of breakpointhq.com\n\n**MediaLibrary**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A user may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2022-32908: an anonymous researcher\n\n**Model I/O**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing a maliciously crafted USD file may disclose memory contents \n\nDescription: The issue was addressed with improved memory handling. \n\nCVE-2022-42810: Xingwei Lin (@xwlin_roy) and Yinyi Wu of Ant Security Light-Year Lab\n\nEntry added October 27, 2022\n\n**ncurses**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A user may be able to cause unexpected app termination or arbitrary code execution\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2021-39537\n\n**ncurses**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents\n\nDescription: A denial-of-service issue was addressed with improved validation.\n\nCVE-2022-29458\n\n**Notes**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A user in a privileged network position may be able to track user activity\n\nDescription: This issue was addressed with improved data protection.\n\nCVE-2022-42818: Gustav Hansen from WithSecure\n\n**Notifications**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A user with physical access to a device may be able to access contacts from the lock screen\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32879: Ubeydullah S\u00fcmer\n\n**PackageKit**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to modify protected parts of the file system\n\nDescription: A race condition was addressed with improved state handling.\n\nCVE-2022-32895: Mickey Jin (@patch1t) of Trend Micro, Mickey Jin (@patch1t)\n\n**Photos**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to bypass Privacy preferences\n\nDescription: This issue was addressed with improved data protection.\n\nCVE-2022-32918: an anonymous researcher, Jugal Goradia of Aastha Technologies, Srijan Shivam Mishra of The Hack Report, Evan Ricafort (evanricafort.com) of Invalid Web Security, Amod Raghunath Patwardhan of Pune, India, Ashwani Rajput of Nagarro Software Pvt. Ltd\n\n**ppp**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app with root privileges may be able to execute arbitrary code with kernel privileges\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2022-42829: an anonymous researcher\n\n**ppp**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app with root privileges may be able to execute arbitrary code with kernel privileges\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-42830: an anonymous researcher\n\n**ppp**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app with root privileges may be able to execute arbitrary code with kernel privileges\n\nDescription: A race condition was addressed with improved locking.\n\nCVE-2022-42831: an anonymous researcher\n\nCVE-2022-42832: an anonymous researcher\n\n**ppp**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A buffer overflow may result in arbitrary code execution \n\nDescription: The issue was addressed with improved bounds checks. CVE-2022-32941: an anonymous researcher\n\nEntry added October 27, 2022\n\n**Ruby**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A remote user may be able to cause unexpected app termination or arbitrary code execution\n\nDescription: A memory corruption issue was addressed by updating Ruby to version 2.6.10.\n\nCVE-2022-28739\n\n**Sandbox**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to modify protected parts of the file system\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2022-32881: Csaba Fitzl (@theevilbit) of Offensive Security\n\n**Sandbox**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app with root privileges may be able to access private information\n\nDescription: This issue was addressed with improved data protection.\n\nCVE-2022-32862: an anonymous researcher\n\n**Sandbox**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: An access issue was addressed with additional sandbox restrictions.\n\nCVE-2022-42811: Justin Bui (@slyd0g) of Snowflake\n\n**Security**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to bypass code signing checks\n\nDescription: An issue in code signature validation was addressed with improved checks.\n\nCVE-2022-42793: Linus Henze of Pinauten GmbH (pinauten.de)\n\n**Shortcuts**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A shortcut may be able to check the existence of an arbitrary path on the file system\n\nDescription: A parsing issue in the handling of directory paths was addressed with improved path validation.\n\nCVE-2022-32938: Cristian Dinca of Tudor Vianu National High School of Computer Science of. Romania\n\n**Sidecar**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A user may be able to view restricted content from the lock screen\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-42790: Om kothawade of Zaprico Digital\n\n**Siri**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A user with physical access to a device may be able to use Siri to obtain some call history information\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32870: Andrew Goldberg of The McCombs School of Business, The University of Texas at Austin (linkedin.com/in/andrew-goldberg-/)\n\n**SMB**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A remote user may be able to cause kernel code execution\n\nDescription: The issue was addressed with improved memory handling.\n\nCVE-2022-32934: Felix Poulin-Belanger\n\n**Software Update**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to execute arbitrary code with kernel privileges\n\nDescription: A race condition was addressed with improved state handling.\n\nCVE-2022-42791: Mickey Jin (@patch1t) of Trend Micro\n\n**SQLite**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A remote user may be able to cause a denial-of-service\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2021-36690\n\n**Vim**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Multiple issues in Vim\n\nDescription: Multiple issues were addressed by updating Vim.\n\nCVE-2022-0261\n\nCVE-2022-0318\n\nCVE-2022-0319\n\nCVE-2022-0351\n\nCVE-2022-0359\n\nCVE-2022-0361\n\nCVE-2022-0368\n\nCVE-2022-0392\n\nCVE-2022-0554\n\nCVE-2022-0572\n\nCVE-2022-0629\n\nCVE-2022-0685\n\nCVE-2022-0696\n\nCVE-2022-0714\n\nCVE-2022-0729\n\nCVE-2022-0943\n\nCVE-2022-1381\n\nCVE-2022-1420\n\nCVE-2022-1725\n\nCVE-2022-1616\n\nCVE-2022-1619\n\nCVE-2022-1620\n\nCVE-2022-1621\n\nCVE-2022-1629\n\nCVE-2022-1674\n\nCVE-2022-1733\n\nCVE-2022-1735\n\nCVE-2022-1769\n\nCVE-2022-1927\n\nCVE-2022-1942\n\nCVE-2022-1968\n\nCVE-2022-1851\n\nCVE-2022-1897\n\nCVE-2022-1898\n\nCVE-2022-1720\n\nCVE-2022-2000\n\nCVE-2022-2042\n\nCVE-2022-2124\n\nCVE-2022-2125\n\nCVE-2022-2126\n\n**Weather**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to read sensitive location information\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2022-32875: an anonymous researcher\n\n**WebKit**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nWebKit Bugzilla: 246669 \nCVE-2022-42826: Francisco Alonso (@revskills)\n\nEntry added December 22, 2022\n\n**WebKit**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nWebKit Bugzilla: 241969 \nCVE-2022-32886: P1umer (@p1umer), afang (@afang5472), xmzyshypnc (@xmzyshypnc1)\n\n**WebKit**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nWebKit Bugzilla: 242047 \nCVE-2022-32888: P1umer (@p1umer)\n\n**WebKit**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nWebKit Bugzilla: 242762 \nCVE-2022-32912: Jeonghoon Shin (@singi21a) at Theori working with Trend Micro Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Visiting a malicious website may lead to user interface spoofing\n\nDescription: The issue was addressed with improved UI handling.\n\nWebKit Bugzilla: 243693 \nCVE-2022-42799: Jihwan Kim (@gPayl0ad), Dohyun Lee (@l33d0hyun)\n\n**WebKit**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nWebKit Bugzilla: 244622 \nCVE-2022-42823: Dohyun Lee (@l33d0hyun) of SSD Labs\n\n**WebKit**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing maliciously crafted web content may disclose sensitive user information\n\nDescription: A logic issue was addressed with improved state management.\n\nWebKit Bugzilla: 245058 \nCVE-2022-42824: Abdulrahman Alqabandi of Microsoft Browser Vulnerability Research, Ryan Shin of IAAI SecLab at Korea University, Dohyun Lee (@l33d0hyun) of DNSLab at Korea University\n\n**WebKit**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing maliciously crafted web content may disclose internal states of the app\n\nDescription: A correctness issue in the JIT was addressed with improved checks.\n\nWebKit Bugzilla: 242964 \nCVE-2022-32923: Wonyoung Jung (@nonetype_pwn) of KAIST Hacking Lab\n\nEntry added October 27, 2022\n\n**WebKit PDF**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nWebKit Bugzilla: 242781 \nCVE-2022-32922: Yonghwi Jin (@jinmo123) at Theori working with Trend Micro Zero Day Initiative\n\n**WebKit Sandboxing**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A sandboxed process may be able to circumvent sandbox restrictions\n\nDescription: An access issue was addressed with improvements to the sandbox.\n\nWebKit Bugzilla: 243181 \nCVE-2022-32892: @18\u697c\u68a6\u60f3\u6539\u9020\u5bb6 and @jq0904 of DBAppSecurity's WeBin lab\n\n**WebKit Storage**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: An app may be able to bypass Privacy preferences\n\nDescription: The issue was addressed with improved handling of caches.\n\nCVE-2022-32833: Csaba Fitzl (@theevilbit) of Offensive Security, Jeff Johnson\n\nEntry added December 22, 2022\n\n**zlib**\n\nAvailable for: Mac Studio (2022), Mac Pro (2019 and later), MacBook Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018 and later), iMac (2017 and later), MacBook (2017), and iMac Pro (2017)\n\nImpact: A user may be able to cause unexpected app termination or arbitrary code execution \n\nDescription: This issue was addressed with improved checks.\n\nCVE-2022-37434: Evgeny Legerov\n\nCVE-2022-42800: Evgeny Legerov\n\nEntry added October 27, 2022\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**Airport**\n\nWe would like to acknowledge Joseph Salazar Acu\u00f1a and Renato Llamoca of Intrado-Life & Safety/Globant for their assistance.\n\n**AppleCredentialManage**r\n\nWe would like to acknowledge @jonathandata1 for their assistance.\n\n**FaceTime**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\n**FileVault**\n\nWe would like to acknowledge Timothy Perfitt of Twocanoes Software for their assistance.\n\n**Find My**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\n**Identity Services**\n\nWe would like to acknowledge Joshua Jones for their assistance.\n\n**IOAcceleratorFamily**\n\nWe would like to acknowledge Antonio Zekic (@antoniozekic) for their assistance.\n\n**IOGPUFamily**\n\nWe would like to acknowledge Wang Yu of cyberserval for their assistance.\n\nEntry added November 9, 2022\n\n**Kernel**\n\nWe would like to acknowledge Peter Nguyen of STAR Labs, Tim Michaud (@TimGMichaud) of Moveworks.ai, Tingting Yin of Tsinghua University, and Min Zheng of Ant Group, Tommy Muir (@Muirey03), an anonymous researcher for their assistance.\n\n**Login Window**\n\nWe would like to acknowledge Simon Tang (simontang.dev) for their assistance.\n\nEntry added November 9, 2022\n\n**Mail**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\n**Mail Drafts**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\n**Networking**\n\nWe would like to acknowledge Tim Michaud (@TimGMichaud) of Zoom Video Communications for their assistance.\n\n**Photo Booth**\n\nWe would like to acknowledge Prashanth Kannan of Dremio for their assistance.\n\n**Quick Look**\n\nWe would like to acknowledge Hilary \u201cIt\u2019s off by a Pixel\u201d Street for their assistance.\n\n**Sandbox**\n\nWe would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance.\n\n**smbx**\n\nWe would like to acknowledge HD Moore of runZero Asset Inventory for their assistance.\n\n**System**\n\nWe would like to acknowledge Mickey Jin (@patch1t) of Trend Micro for their assistance.\n\n**System Settings**\n\nWe would like to acknowledge Bjorn Hellenbrand for their assistance.\n\n**UIKit**\n\nWe would like to acknowledge Aleczander Ewing for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge Maddie Stone of Google Project Zero, Narendra Bhati (@imnarendrabhati) of Suma Soft Pvt. Ltd., an anonymous researcher for their assistance.\n\n**WebRTC**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: December 22, 2022\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-24T00:00:00", "type": "apple", "title": "About the security content of macOS Ventura 13", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-36690", "CVE-2021-39537", "CVE-2022-0261", "CVE-2022-0318", "CVE-2022-0319", "CVE-2022-0351", "CVE-2022-0359", "CVE-2022-0361", "CVE-2022-0368", "CVE-2022-0392", "CVE-2022-0554", "CVE-2022-0572", "CVE-2022-0629", "CVE-2022-0685", "CVE-2022-0696", "CVE-2022-0714", "CVE-2022-0729", "CVE-2022-0943", "CVE-2022-1381", "CVE-2022-1420", "CVE-2022-1616", "CVE-2022-1619", "CVE-2022-1620", "CVE-2022-1621", "CVE-2022-1622", "CVE-2022-1629", "CVE-2022-1674", "CVE-2022-1720", "CVE-2022-1725", "CVE-2022-1733", "CVE-2022-1735", "CVE-2022-1769", "CVE-2022-1851", "CVE-2022-1897", "CVE-2022-1898", "CVE-2022-1927", "CVE-2022-1942", "CVE-2022-1968", "CVE-2022-2000", "CVE-2022-2042", "CVE-2022-2124", "CVE-2022-2125", "CVE-2022-2126", "CVE-2022-26730", "CVE-2022-28739", "CVE-2022-29458", "CVE-2022-32205", "CVE-2022-32206", "CVE-2022-32207", "CVE-2022-32208", "CVE-2022-32827", "CVE-2022-32833", "CVE-2022-32849", "CVE-2022-32858", "CVE-2022-32862", "CVE-2022-32864", "CVE-2022-32865", "CVE-2022-32866", "CVE-2022-32867", "CVE-2022-32870", "CVE-2022-32875", "CVE-2022-32879", "CVE-2022-32881", "CVE-2022-32883", "CVE-2022-32886", "CVE-2022-32888", "CVE-2022-32890", "CVE-2022-32892", "CVE-2022-32895", "CVE-2022-32898", "CVE-2022-32899", "CVE-2022-32902", "CVE-2022-32904", "CVE-2022-32905", "CVE-2022-32908", "CVE-2022-32911", "CVE-2022-32912", "CVE-2022-32913", "CVE-2022-32914", "CVE-2022-32915", "CVE-2022-32918", "CVE-2022-32922", "CVE-2022-32923", "CVE-2022-32924", "CVE-2022-32926", "CVE-2022-32928", "CVE-2022-32934", "CVE-2022-32935", "CVE-2022-32936", "CVE-2022-32938", "CVE-2022-32940", "CVE-2022-32941", "CVE-2022-32944", "CVE-2022-32945", "CVE-2022-32947", "CVE-2022-3437", "CVE-2022-37434", "CVE-2022-42788", "CVE-2022-42789", "CVE-2022-42790", "CVE-2022-42791", "CVE-2022-42793", "CVE-2022-42795", "CVE-2022-42796", "CVE-2022-42798", "CVE-2022-42799", "CVE-2022-42800", "CVE-2022-42801", "CVE-2022-42803", "CVE-2022-42806", "CVE-2022-42808", "CVE-2022-42809", "CVE-2022-42810", "CVE-2022-42811", "CVE-2022-42813", "CVE-2022-42814", "CVE-2022-42815", "CVE-2022-42818", "CVE-2022-42819", "CVE-2022-42820", "CVE-2022-42821", "CVE-2022-42823", "CVE-2022-42824", "CVE-2022-42825", "CVE-2022-42826", "CVE-2022-42829", "CVE-2022-42830", "CVE-2022-42831", "CVE-2022-42832", "CVE-2022-42833", "CVE-2022-42838"], "modified": "2022-10-24T00:00:00", "id": "APPLE:138DC64ECE1F07104C6EF7D22CA29AAF", "href": "https://support.apple.com/kb/HT213488", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "thn": [{"lastseen": "2022-07-21T11:59:02", "description": "[![Apple Vulnerabilities](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEglTR0Ii9L3qtSuDJKc1Sna--9qt_00acsxU4IoPSOvvnV9AYpsHDRBRuGpUvXEBKFk3zIyrtzTLJZui-ibEM8KY0xP5ftNR1W9UV-5y_qDt8tUtfZeiowl-DxjAAUazrSAmy2M-ipK_aDRHBpBeVjyw-V_72rcorKKsv7-bUNu1v3jj5_Rc8TdoRDD/s728-e1000/apple.jpg)](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEglTR0Ii9L3qtSuDJKc1Sna--9qt_00acsxU4IoPSOvvnV9AYpsHDRBRuGpUvXEBKFk3zIyrtzTLJZui-ibEM8KY0xP5ftNR1W9UV-5y_qDt8tUtfZeiowl-DxjAAUazrSAmy2M-ipK_aDRHBpBeVjyw-V_72rcorKKsv7-bUNu1v3jj5_Rc8TdoRDD/s728-e100/apple.jpg>)\n\nApple on Wednesday rolled out [software fixes](<https://support.apple.com/en-us/HT201222>) for iOS, iPadOS, macOS, tvOS, and watchOS to address a number of security flaws affecting its platforms.\n\nThis includes at least 37 flaws spanning different components in iOS and macOS that range from privilege escalation to arbitrary code execution and from information disclosure to denial-of-service (DoS).\n\nChief among them is CVE-2022-2294, a memory corruption flaw in the WebRTC component that Google [disclosed](<https://thehackernews.com/2022/07/update-google-chrome-browser-to-patch.html>) earlier this month as having been exploited in real-world attacks aimed at users of the Chrome browser. There is, however, no evidence of in-the-wild zero-day exploitation of the flaw targeting iOS, macOS, and Safari.\n\n[![](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEi0IORPLATc7sBagS3j2MEfWbfaT564we0HCpQxKyGV5ddTyfN4EXrPRxHhD1MbXvlGLR4KbmQXcsP9XTezTnpdH7V37ZhUsQLaJveId9m4lGa2trimp13A0tDRcJk51jkg7-Q70-Pnmv_4unts53n3uIo15x3DSOurm_ITR2KTT-jYyIgfeas62tSe/s728-e100/apple.jpg)](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEi0IORPLATc7sBagS3j2MEfWbfaT564we0HCpQxKyGV5ddTyfN4EXrPRxHhD1MbXvlGLR4KbmQXcsP9XTezTnpdH7V37ZhUsQLaJveId9m4lGa2trimp13A0tDRcJk51jkg7-Q70-Pnmv_4unts53n3uIo15x3DSOurm_ITR2KTT-jYyIgfeas62tSe/s728-e100/apple.jpg>)\n\nBesides CVE-2022-2294, the updates also address several arbitrary code execution flaws impacting Apple Neural Engine (CVE-2022-32810, CVE-2022-32829, and CVE-2022-32840), Audio (CVE-2022-32820), GPU Drivers (CVE-2022-32821), ImageIO (CVE-2022-32802), IOMobileFrameBuffer (CVE-2022-26768), Kernel (CVE-2022-32813 and CVE-2022-32815), and WebKit (CVE-2022-32792).\n\nAlso patched is a [Pointer Authentication](<https://thehackernews.com/2022/06/mit-researchers-discover-new-flaw-in.html>) bypass affecting the Kernel (CVE-2022-32844), a DoS bug in the ImageIO component (CVE-2022-32785), and two privilege escalation flaws in AppleMobileFileIntegrity and File System Events (CVE-2022-32819 and CVE-2022-32826).\n\nWhat's more, the latest version of macOS resolves five security vulnerabilities in the SMB module that could be potentially exploited by a malicious app to gain elevated privileges, leak sensitive information, and execute arbitrary code with kernel privileges.\n\nUsers of Apple devices are recommended to update to iOS 15.6, iPadOS 15.6, macOS Monterey 12.5 (Big Sur 11.6.8 or 2022-005 Catalina for older generation Macs), tvOS 15.6, and watchOS 8.7 to obtain the latest security protections.\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-07-21T06:40:00", "type": "thn", "title": "Apple Releases Security Patches for all Devices Fixing Dozens of New Vulnerabilities", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2294", "CVE-2022-26768", "CVE-2022-32785", "CVE-2022-32792", "CVE-2022-32802", "CVE-2022-32810", "CVE-2022-32813", "CVE-2022-32815", "CVE-2022-32819", "CVE-2022-32820", "CVE-2022-32821", "CVE-2022-32826", "CVE-2022-32829", "CVE-2022-32840", "CVE-2022-32844"], "modified": "2022-07-21T11:31:25", "id": "THN:80C4CCCAB293DD273948D1317EAC8B73", "href": "https://thehackernews.com/2022/07/apple-releases-security-patches-for-all.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-10-07T06:04:54", "description": "[![macOS Archive Utility Vulnerability](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEh_bGaWK8rcy2QKWG7Xuq4VBEffsgfDInoNBAISv6CT_exfy0ii_3WAmKPQKFrsOrwt1WiawgftmZDgz18pKv_3pRNE33JKmvGvEvCYRb7e9_TJRZFOqzhlCGRgw-gWhAUlGBMwKW_qkXOSmQGGr04R5JuzvqDx16Na9zpD695l4HaUtWLBOQogzntc/s728-e1000/macos.jpg)](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEh_bGaWK8rcy2QKWG7Xuq4VBEffsgfDInoNBAISv6CT_exfy0ii_3WAmKPQKFrsOrwt1WiawgftmZDgz18pKv_3pRNE33JKmvGvEvCYRb7e9_TJRZFOqzhlCGRgw-gWhAUlGBMwKW_qkXOSmQGGr04R5JuzvqDx16Na9zpD695l4HaUtWLBOQogzntc/s728-e100/macos.jpg>)\n\nSecurity researchers have shared details about a now-addressed security flaw in Apple's macOS operating system that could be potentially exploited to run malicious applications in a manner that can bypass Apple's security measures.\n\nThe vulnerability, tracked as [CVE-2022-32910](<https://www.jamf.com/blog/jamf-threat-labs-macos-archive-utility-vulnerability/>), is rooted in the built-in Archive Utility and \"could lead to the execution of an unsigned and unnotarized application without displaying security prompts to the user, by using a specially crafted archive,\" Apple device management firm [Jamf](<https://www.jamf.com/blog/jamf-threat-labs-macos-archive-utility-vulnerability/>) said in an analysis.\n\nFollowing responsible disclosure on May 31, 2022, Apple addressed the issue as part of [macOS Big Sur 11.6.8](<https://support.apple.com/en-us/HT213344>) and [Monterey 12.5](<https://support.apple.com/en-us/HT213345>) released on July 20, 2022. The tech giant, for its part, also revised the earlier-issued advisories as of October 4 to add an entry for the flaw.\n\nApple described the bug as a logic issue that could allow an archive file to get around Gatekeeper checks, which is designed so as to ascertain that only trusted software runs on the operating system.\n\nThe security technology achieves this by verifying that the downloaded package is from a legitimate developer and has been notarized by Apple \u2013 i.e., given a stamp of approval to ensure it's not been maliciously tampered with.\n\n[![Vulnerability](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEhjAIy0uBtlihFi5MNLwqvoCJWzJcq_whjlFhhF-gQ3CyYtLeI7sMh4WzstBSeTgAnHm_DXK1wVYyn7syuHBLuS1d-ReIPCION05vQXC-sqJyAgjsE82K7EZ27nJlvJ7L_c6uMIZFPcto1NX78zAhrg0k6dHonf74LxixQe6RzrAPNsr0jLiMUjXhDCQw/s728-e1000/mac.jpg)](<https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEhjAIy0uBtlihFi5MNLwqvoCJWzJcq_whjlFhhF-gQ3CyYtLeI7sMh4WzstBSeTgAnHm_DXK1wVYyn7syuHBLuS1d-ReIPCION05vQXC-sqJyAgjsE82K7EZ27nJlvJ7L_c6uMIZFPcto1NX78zAhrg0k6dHonf74LxixQe6RzrAPNsr0jLiMUjXhDCQw/s728-e100/mac.jpg>)\n\n\"Gatekeeper also requests user approval before opening downloaded software for the first time to make sure the user hasn't been tricked into running executable code they believed to simply be a data file,\" Apple [notes](<https://support.apple.com/en-in/guide/deployment/dep323ab8aa3/web>) in its support documentation.\n\nIt's also worth noting archive files downloaded from the internet are tagged with the \"com.apple.quarantine\" extended attribute, including the items within the file, so as to trigger a Gatekeeper check prior to execution.\n\nBut in a peculiar quirk discovered by Jamf, it was found that the Archive Utility fails to add the quarantine attribute to a folder \"when extracting an archive containing two or more files or folders in its root directory.\"\n\nThus by creating an archive file with the extension \"exploit.app.zip,\" it leads to a scenario where an unarchival results in the creation of a folder titled \"exploit.app,\" while also lacking the quarantine attribute.\n\nThis application \"will bypass all Gatekeeper checks allowing an unnotarized and/or unsigned binary to execute,\" Jamf researcher Ferdous Saljooki, who discovered the flaw, said. Apple said it resolved the vulnerability with improved checks.\n\nThe findings come more than six months after Apple addressed [another similar flaw](<https://www.jamf.com/blog/jamf-threat-labs-safari-vuln-gatekeeper-bypass/>) in macOS Catalina, Big Sur 11.6.5, and Monterey 12.3 ([CVE-2022-22616](<https://nvd.nist.gov/vuln/detail/CVE-2022-22616>)) that could allow a malicious ZIP archive to bypass Gatekeeper checks.\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-10-06T12:20:00", "type": "thn", "title": "Details Released for Recently Patched new macOS Archive Utility Vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-22616", "CVE-2022-32910"], "modified": "2022-10-07T05:13:21", "id": "THN:D49EB15A8EC646123A52948B0E3A1F24", "href": "https://thehackernews.com/2022/10/details-released-for-recently-patched.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "fedora": [{"lastseen": "2022-01-15T18:16:04", "description": "VIM (VIsual editor iMproved) is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-01-14T01:29:12", "type": "fedora", "title": "[SECURITY] Fedora 35 Update: vim-8.2.4068-1.fc35", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-46059", "CVE-2022-0156", "CVE-2022-0158"], "modified": "2022-01-14T01:29:12", "id": "FEDORA:1270B3084039", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HD5S2FC2HF22A7XQXK2XXIR46EARVWIM/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-25T01:32:22", "description": "VIM (VIsual editor iMproved) is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-01-24T01:04:20", "type": "fedora", "title": "[SECURITY] Fedora 34 Update: vim-8.2.4068-1.fc34", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4136", "CVE-2021-4166", "CVE-2021-4173", "CVE-2021-4186", "CVE-2021-4187", "CVE-2021-4192", "CVE-2021-4193", "CVE-2021-46059", "CVE-2022-0156", "CVE-2022-0158"], "modified": "2022-01-24T01:04:20", "id": "FEDORA:24C9A3192282", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2022-12-20T17:13:24", "description": "An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, macOS Big Sur 11.6.8. An app may be able to execute arbitrary code with kernel privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-12-15T19:15:00", "type": "cve", "title": "CVE-2022-32860", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32860"], "modified": "2022-12-20T15:06:00", "cpe": [], "id": "CVE-2022-32860", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32860", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}, {"lastseen": "2022-11-03T15:13:13", "description": "A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS Monterey 12.5, Security Update 2022-005 Catalina. An archive may be able to bypass Gatekeeper.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-01T20:15:00", "type": "cve", "title": "CVE-2022-32910", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32910"], "modified": "2022-11-03T12:43:00", "cpe": ["cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32910", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32910", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-004:*:*:*:*:*:*"]}, {"lastseen": "2022-09-27T20:23:23", "description": "A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to capture a user\u2019s screen.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-09-23T19:15:00", "type": "cve", "title": "CVE-2022-32848", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32848"], "modified": "2022-09-27T19:02:00", "cpe": [], "id": "CVE-2022-32848", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32848", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}, {"lastseen": "2022-11-02T16:14:54", "description": "An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2022-09-23T19:15:00", "type": "cve", "title": "CVE-2022-32851", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32851"], "modified": "2022-11-02T13:18:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32851", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32851", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*"]}, {"lastseen": "2022-11-02T16:14:55", "description": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted Postscript file may result in unexpected app termination or disclosure of process memory.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2022-09-23T19:15:00", "type": "cve", "title": "CVE-2022-32843", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32843"], "modified": "2022-11-02T13:18:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32843", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32843", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*"]}, {"lastseen": "2022-11-02T16:15:06", "description": "The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to execute arbitrary code with kernel privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-08-24T20:15:00", "type": "cve", "title": "CVE-2022-32812", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32812"], "modified": "2022-11-02T13:18:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32812", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32812", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*"]}, {"lastseen": "2022-11-02T16:14:54", "description": "An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2022-09-23T19:15:00", "type": "cve", "title": "CVE-2022-32853", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32853"], "modified": "2022-11-02T13:18:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32853", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32853", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*"]}, {"lastseen": "2022-11-02T16:15:06", "description": "An access issue was addressed with improvements to the sandbox. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to access sensitive user information.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-08-24T20:15:00", "type": "cve", "title": "CVE-2022-32834", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32834"], "modified": "2022-11-02T13:18:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32834", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32834", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*"]}, {"lastseen": "2022-11-10T17:53:22", "description": "A validation issue existed in the handling of symlinks and was addressed with improved validation of symlinks. This issue is fixed in macOS Monterey 12.4. An app may be able to gain elevated privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-05-26T19:15:00", "type": "cve", "title": "CVE-2022-26704", "cwe": ["CWE-59"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-26704"], "modified": "2022-11-10T16:29:00", "cpe": ["cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-26704", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-26704", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*"]}, {"lastseen": "2023-01-12T21:25:58", "description": "A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-23T20:15:00", "type": "cve", "title": "CVE-2022-32814", "cwe": ["CWE-843"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32814"], "modified": "2023-01-12T20:09:00", "cpe": [], "id": "CVE-2022-32814", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32814", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}, {"lastseen": "2022-11-02T16:14:55", "description": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2022-09-23T19:15:00", "type": "cve", "title": "CVE-2022-32831", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32831"], "modified": "2022-11-02T13:18:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32831", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32831", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*"]}, {"lastseen": "2022-11-02T16:15:06", "description": "This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A user in a privileged network position can track a user\u2019s activity.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-08-24T20:15:00", "type": "cve", "title": "CVE-2022-32857", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32857"], "modified": "2022-11-02T13:18:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32857", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32857", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*"]}, {"lastseen": "2023-01-09T17:51:36", "description": "The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5. An app may be able to disclose kernel memory.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-09-23T19:15:00", "type": "cve", "title": "CVE-2022-32825", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32825"], "modified": "2023-01-09T16:41:00", "cpe": [], "id": "CVE-2022-32825", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32825", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}, {"lastseen": "2023-01-09T17:51:35", "description": "This issue was addressed with improved checks. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. A remote user may be able to cause unexpected system termination or corrupt kernel memory.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-09-23T19:15:00", "type": "cve", "title": "CVE-2022-32847", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32847"], "modified": "2023-01-09T16:41:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32847", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32847", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*"]}, {"lastseen": "2023-01-09T17:51:38", "description": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. Processing maliciously crafted web content may lead to arbitrary code execution.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-23T19:15:00", "type": "cve", "title": "CVE-2022-32787", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32787"], "modified": "2023-01-09T16:41:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32787", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32787", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*"]}, {"lastseen": "2022-11-02T16:14:56", "description": "The issue was addressed with improved handling of caches. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to access sensitive user information.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-09-23T19:15:00", "type": "cve", "title": "CVE-2022-32805", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32805"], "modified": "2022-11-02T13:18:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32805", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32805", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*"]}, {"lastseen": "2022-11-02T16:14:56", "description": "This issue was addressed with improved file handling. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to overwrite arbitrary files.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2022-09-23T19:15:00", "type": "cve", "title": "CVE-2022-32807", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32807"], "modified": "2022-11-02T13:18:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32807", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32807", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*"]}, {"lastseen": "2022-11-02T16:14:59", "description": "This issue was addressed with improved checks. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to modify protected parts of the file system.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-09-23T19:15:00", "type": "cve", "title": "CVE-2022-32800", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32800"], "modified": "2022-11-02T13:18:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32800", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32800", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*"]}, {"lastseen": "2023-01-09T17:51:38", "description": "An authorization issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to gain root privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-23T19:15:00", "type": "cve", "title": "CVE-2022-32826", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32826"], "modified": "2023-01-09T16:41:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32826", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32826", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*"]}, {"lastseen": "2022-11-02T16:15:06", "description": "A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to execute arbitrary code with kernel privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-08-24T20:15:00", "type": "cve", "title": "CVE-2022-32811", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32811"], "modified": "2022-11-02T13:18:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32811", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32811", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*"]}, {"lastseen": "2023-01-09T17:51:37", "description": "This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5, Security Update 2022-005 Catalina, macOS Big Sur 11.6.8. An app with root privileges may be able to access private information.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "baseScore": 4.4, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-23T19:15:00", "type": "cve", "title": "CVE-2022-32781", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32781"], "modified": "2023-01-09T16:41:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32781", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32781", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*"]}, {"lastseen": "2022-11-02T16:14:57", "description": "This issue was addressed with improved checks. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2022-09-23T19:15:00", "type": "cve", "title": "CVE-2022-32797", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32797"], "modified": "2022-11-02T13:18:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32797", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32797", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*"]}, {"lastseen": "2022-11-02T16:15:06", "description": "The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. An app with root privileges may be able to execute arbitrary code with kernel privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-24T20:15:00", "type": "cve", "title": "CVE-2022-32813", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32813"], "modified": "2022-11-02T13:18:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32813", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32813", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*"]}, {"lastseen": "2023-01-09T17:51:36", "description": "A logic issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to gain root privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-23T19:15:00", "type": "cve", "title": "CVE-2022-32819", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32819"], "modified": "2023-01-09T16:41:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32819", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32819", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*"]}, {"lastseen": "2023-01-09T17:51:36", "description": "The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app with root privileges may be able to execute arbitrary code with kernel privileges.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-23T19:15:00", "type": "cve", "title": "CVE-2022-32832", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32832"], "modified": "2023-01-09T16:41:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32832", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32832", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*"]}, {"lastseen": "2023-01-09T17:51:37", "description": "An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to execute arbitrary code with kernel privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-23T19:15:00", "type": "cve", "title": "CVE-2022-32820", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32820"], "modified": "2023-01-09T16:41:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32820", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32820", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*"]}, {"lastseen": "2022-11-02T16:15:07", "description": "A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6. An app may be able to read arbitrary files.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-08-24T20:15:00", "type": "cve", "title": "CVE-2022-32838", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32838"], "modified": "2022-11-02T13:18:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32838", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32838", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*"]}, {"lastseen": "2023-01-09T17:51:37", "description": "A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to leak sensitive user information.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-09-23T19:15:00", "type": "cve", "title": "CVE-2022-32823", "cwe": ["CWE-665"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32823"], "modified": "2023-01-09T16:41:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32823", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32823", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*"]}, {"lastseen": "2023-01-12T21:26:01", "description": "An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app may be able to access sensitive user information.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-09-23T19:15:00", "type": "cve", "title": "CVE-2022-32849", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32849"], "modified": "2023-01-12T20:10:00", "cpe": ["cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32849", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32849", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*"]}, {"lastseen": "2023-01-09T17:51:42", "description": "A null pointer dereference was addressed with improved validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing an image may lead to a denial-of-service.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-09-23T19:15:00", "type": "cve", "title": "CVE-2022-32785", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32785"], "modified": "2023-01-09T16:41:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32785", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32785", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*"]}, {"lastseen": "2022-11-02T16:15:06", "description": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A remote user may cause an unexpected app termination or arbitrary code execution.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-24T20:15:00", "type": "cve", "title": "CVE-2022-32839", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32839"], "modified": "2022-11-02T13:18:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32839", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32839", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*"]}, {"lastseen": "2022-11-02T16:14:57", "description": "An issue in the handling of environment variables was addressed with improved validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to modify protected parts of the file system.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-09-23T19:15:00", "type": "cve", "title": "CVE-2022-32786", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32786"], "modified": "2022-11-02T13:18:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32786", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32786", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*"]}, {"lastseen": "2023-01-09T17:51:37", "description": "The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app with root privileges may be able to execute arbitrary code with kernel privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-23T19:15:00", "type": "cve", "title": "CVE-2022-32815", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-32815"], "modified": "2023-01-09T16:41:00", "cpe": ["cpe:/o:apple:macos:10.15.7", "cpe:/o:apple:mac_os_x:10.15.7"], "id": "CVE-2022-32815", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32815", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*"]}, {"lastseen": "2022-08-26T19:04:33", "description": "vim is vulnerable to Heap-based Buffer Overflow", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2022-01-10T16:15:00", "type": "cve", "title": "CVE-2022-0158", "cwe": ["CWE-122"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0158"], "modified": "2022-08-26T17:46:00", "cpe": ["cpe:/o:fedoraproject:fedora:34", "cpe:/o:fedoraproject:fedora:35"], "id": "CVE-2022-0158", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0158", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*"]}, {"lastseen": "2022-08-26T19:04:34", "description": "vim is vulnerable to Use After Free", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-01-10T16:15:00", "type": "cve", "title": "CVE-2022-0156", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0156"], "modified": "2022-08-26T17:45:00", "cpe": ["cpe:/o:fedoraproject:fedora:34", "cpe:/o:fedoraproject:fedora:35"], "id": "CVE-2022-0156", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0156", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*"]}], "zdi": [{"lastseen": "2022-09-27T21:23:46", "description": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within a function in AppleScript.framework. Crafted data in a SCPT file can trigger a read past the end of an allocated data structure. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2022-08-23T00:00:00", "type": "zdi", "title": "Apple macOS AppleScript TASUnparser_PrintObject Untrusted Pointer Dereference Information Disclosure Vulnerability", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-32797"], "modified": "2022-08-23T00:00:00", "id": "ZDI-22-1130", "href": "https://www.zerodayinitiative.com/advisories/ZDI-22-1130/", "cvss": {"score": 0.0, "vector": "NONE"}}], "githubexploit": [{"lastseen": "2022-09-27T18:04:15", "description": "## CVE-2022-32832\n#### Proof-of-concept and write-up for the CVE...", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-07-22T17:37:27", "type": "githubexploit", "title": "Exploit for Vulnerability in Apple Macos", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2022-32832"], "modified": "2022-08-06T20:52:44", "id": "37393B8B-A626-5459-AD36-69EB66654B35", "href": "", "cvss": {"score": 0.0, "vector": "NONE"}, "privateArea": 1}, {"lastseen": "2023-02-05T20:32:54", "description": "## CVE-2022-32832\n#### Proof-of-concept and write-up for the CVE...", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-07-21T13:09:50", "type": "githubexploit", "title": "Exploit for Vulnerability in Apple Macos", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2022-32832"], "modified": "2023-02-05T20:04:24", "id": "84E2D1AF-A777-566C-B293-27ED87F2C35C", "href": "", "cvss": {"score": 0.0, "vector": "NONE"}, "privateArea": 1}], "mageia": [{"lastseen": "2022-04-18T11:19:35", "description": "vim is vulnerable to Out-of-bounds Read (CVE-2022-0128) vim is vulnerable to Use After Free (CVE-2022-0156) vim is vulnerable to Heap-based Buffer Overflow (CVE-2022-0158) vim is vulnerable to Heap-based Buffer Overflow (CVE-2022-0213) \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-01-18T19:29:46", "type": "mageia", "title": "Updated vim packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0128", "CVE-2022-0156", "CVE-2022-0158", "CVE-2022-0213"], "modified": "2022-01-18T19:29:45", "id": "MGASA-2022-0023", "href": "https://advisories.mageia.org/MGASA-2022-0023.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "trendmicroblog": [{"lastseen": "2022-12-21T08:09:36", "description": "This blog entry discusses the technical details of how we exploited CVE-2022-22583 using a different method. We also tackle the technical details of CVE-2022-32800, another SIP-bypass that we discovered more recently, in this report.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-12-21T00:00:00", "type": "trendmicroblog", "title": "A Technical Analysis of CVE-2022-22583 and CVE-2022-32800", "bulletinFamily": "blog", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-22583", "CVE-2022-32800"], "modified": "2022-12-21T00:00:00", "id": "TRENDMICROBLOG:D60D84608B5F24D96FDAD56776F9494A", "href": "https://www.trendmicro.com/en_us/research/22/l/a-technical-analysis-of-cve-2022-22583-and-cve-2022-32800.html", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "ubuntucve": [{"lastseen": "2022-10-28T13:40:26", "description": "vim is vulnerable to Heap-based Buffer Overflow\n\n#### Bugs\n\n * <https://huntr.dev/bounties/ac5d7005-07c6-4a0a-b251-ba9cdbf6738b>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[rayveldkamp](<https://launchpad.net/~rayveldkamp>) | affected function is located in src/vim9compile.c for these releases\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2022-01-10T00:00:00", "type": "ubuntucve", "title": "CVE-2022-0158", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0158"], "modified": "2022-01-10T00:00:00", "id": "UB:CVE-2022-0158", "href": "https://ubuntu.com/security/CVE-2022-0158", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-10-28T13:40:25", "description": "vim is vulnerable to Use After Free\n\n#### Bugs\n\n * <https://huntr.dev/bounties/47dded34-3767-4725-8c7c-9dcb68c70b36>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[ccdm94](<https://launchpad.net/~ccdm94>) | patches 8.2.4040 and 8.2.4042 are both needed (as defined by upstream). This patch makes changes to the code introduced by the patch for CVE-2021-4173.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-01-10T00:00:00", "type": "ubuntucve", "title": "CVE-2022-0156", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4173", "CVE-2022-0156"], "modified": "2022-01-10T00:00:00", "id": "UB:CVE-2022-0156", "href": "https://ubuntu.com/security/CVE-2022-0156", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T13:13:39", "description": "vim is vulnerable to Use After Free\n\n#### Notes\n\nAuthor| Note \n---|--- \n[ccdm94](<https://launchpad.net/~ccdm94>) | introduced by commit 04b12697838 (>= 8.2.0695). The patch for this CVE is related to the patch for CVE-2022-0156.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-27T00:00:00", "type": "ubuntucve", "title": "CVE-2021-4173", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4173", "CVE-2022-0156"], "modified": "2021-12-27T00:00:00", "id": "UB:CVE-2021-4173", "href": "https://ubuntu.com/security/CVE-2021-4173", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debiancve": [{"lastseen": "2023-01-23T02:08:44", "description": "vim is vulnerable to Heap-based Buffer Overflow", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2022-01-10T16:15:00", "type": "debiancve", "title": "CVE-2022-0158", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0158"], "modified": "2022-01-10T16:15:00", "id": "DEBIANCVE:CVE-2022-0158", "href": "https://security-tracker.debian.org/tracker/CVE-2022-0158", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-23T02:08:44", "description": "vim is vulnerable to Use After Free", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-01-10T16:15:00", "type": "debiancve", "title": "CVE-2022-0156", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0156"], "modified": "2022-01-10T16:15:00", "id": "DEBIANCVE:CVE-2022-0156", "href": "https://security-tracker.debian.org/tracker/CVE-2022-0156", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "alpinelinux": [{"lastseen": "2022-01-25T04:10:10", "description": "vim is vulnerable to Heap-based Buffer Overflow", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2022-01-10T16:15:00", "type": "alpinelinux", "title": "CVE-2022-0158", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0158"], "modified": "2022-01-24T03:15:00", "id": "ALPINE:CVE-2022-0158", "href": "https://security.alpinelinux.org/vuln/CVE-2022-0158", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-01-25T04:10:10", "description": "vim is vulnerable to Use After Free", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-01-10T16:15:00", "type": "alpinelinux", "title": "CVE-2022-0156", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0156"], "modified": "2022-01-24T03:15:00", "id": "ALPINE:CVE-2022-0156", "href": "https://security.alpinelinux.org/vuln/CVE-2022-0156", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "huntr": [{"lastseen": "2022-03-30T11:08:18", "description": "# Description\nA Heap-based Buffer Overflow has been found in vim commit `2f0936c`\n\n # Proof of Concept\n```\nbase64 poc\nZGVmIEZpcnN0RnVuY3Rpb24oKQogIGRlZiBTZWNvbmRGdW5vbmUKJCAgCiAgIGVuZGRCQkJCCmVu\nZGRlZgojIEN/////bGUgYWxsZWZ8QkJCQgplbmRkZWYKIyBDb21waWxlIGFsbCBmdW5jdGlvbnMK\nZGVmY29tcGlsZQo=\n```\n```\n~/fuzzing/vim/fuzz/bin/vim -u NONE -X -Z -e -s -S ./poc -c :qa!\n```\n\nASan stack trace:\n\n```\n~/fuzzing/vim/fuzz/bin/vim -u NONE -X -Z -e -s -S ./poc -c :qa!\n=================================================================\n==836524==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200000622f at pc 0x0000004306f9 bp 0x7ffc883006f0 sp 0x7ffc882ffeb0\nREAD of size 5 at 0x60200000622f thread T0\n #0 0x4306f8 in strlen (/home/aidai/fuzzing/vim/fuzz/bin/vim+0x4306f8)\n #1 0xc444a6 (/home/aidai/fuzzing/vim/fuzz/bin/vim+0xc444a6)\n #2 0xf7515a (/home/aidai/fuzzing/vim/fuzz/bin/vim+0xf7515a)\n #3 0xe1ba91 (/home/aidai/fuzzing/vim/fuzz/bin/vim+0xe1ba91)\n #4 0xe14ca4 (/home/aidai/fuzzing/vim/fuzz/bin/vim+0xe14ca4)\n #5 0xe14009 (/home/aidai/fuzzing/vim/fuzz/bin/vim+0xe14009)\n #6 0xe12ddf (/home/aidai/fuzzing/vim/fuzz/bin/vim+0xe12ddf)\n #7 0xe12043 (/home/aidai/fuzzing/vim/fuzz/bin/vim+0xe12043)\n #8 0xe0e863 (/home/aidai/fuzzing/vim/fuzz/bin/vim+0xe0e863)\n #9 0xe0ffaa (/home/aidai/fuzzing/vim/fuzz/bin/vim+0xe0ffaa)\n #10 0xdaf709 (/home/aidai/fuzzing/vim/fuzz/bin/vim+0xdaf709)\n #11 0xdc68ed (/home/aidai/fuzzing/vim/fuzz/bin/vim+0xdc68ed)\n #12 0xd92167 (/home/aidai/fuzzing/vim/fuzz/bin/vim+0xd92167)\n #13 0x6e68fe (/home/aidai/fuzzing/vim/fuzz/bin/vim+0x6e68fe)\n #14 0x6d9b41 (/home/aidai/fuzzing/vim/fuzz/bin/vim+0x6d9b41)\n #15 0xb6680a (/home/aidai/fuzzing/vim/fuzz/bin/vim+0xb6680a)\n #16 0xb6457f (/home/aidai/fuzzing/vim/fuzz/bin/vim+0xb6457f)\n #17 0x6e68fe (/home/aidai/fuzzing/vim/fuzz/bin/vim+0x6e68fe)\n #18 0x6d9b41 (/home/aidai/fuzzing/vim/fuzz/bin/vim+0x6d9b41)\n #19 0xf60f43 (/home/aidai/fuzzing/vim/fuzz/bin/vim+0xf60f43)\n #20 0xf5d76f (/home/aidai/fuzzing/vim/fuzz/bin/vim+0xf5d76f)\n #21 0x7f0d3f15a0b2 in __libc_start_main /build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:308:16\n #22 0x41dacd (/home/aidai/fuzzing/vim/fuzz/bin/vim+0x41dacd)\n\n0x60200000622f is located 1 bytes to the left of 4-byte region [0x602000006230,0x602000006234)\nallocated by thread T0 here:\n #0 0x49620d in malloc (/home/aidai/fuzzing/vim/fuzz/bin/vim+0x49620d)\n #1 0x4c5d15 (/home/aidai/fuzzing/vim/fuzz/bin/vim+0x4c5d15)\n\nSUMMARY: AddressSanitizer: heap-buffer-overflow (/home/aidai/fuzzing/vim/fuzz/bin/vim+0x4306f8) in strlen\nShadow bytes around the buggy address:\n 0x0c047fff8bf0: fa fa fd fa fa fa fd fa fa fa fd fa fa fa fd fa\n 0x0c047fff8c00: fa fa fd fa fa fa 00 00 fa fa 00 00 fa fa 06 fa\n 0x0c047fff8c10: fa fa 00 01 fa fa fd fd fa fa fd fd fa fa 04 fa\n 0x0c047fff8c20: fa fa 00 04 fa fa fd fd fa fa 00 03 fa fa fd fd\n 0x0c047fff8c30: fa fa 00 03 fa fa fd fd fa fa 00 03 fa fa 00 06\n=>0x0c047fff8c40: fa fa 00 05 fa[fa]04 fa fa fa fa fa fa fa fa fa\n 0x0c047fff8c50: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x0c047fff8c60: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x0c047fff8c70: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x0c047fff8c80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x0c047fff8c90: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\nShadow byte legend (one shadow byte represents 8 application bytes):\n Addressable: 00\n Partially addressable: 01 02 03 04 05 06 07\n Heap left redzone: fa\n Freed heap region: fd\n Stack left redzone: f1\n Stack mid redzone: f2\n Stack right redzone: f3\n Stack after return: f5\n Stack use after scope: f8\n Global redzone: f9\n Global init order: f6\n Poisoned by user: f7\n Container overflow: fc\n Array cookie: ac\n Intra object redzone: bb\n ASan internal: fe\n Left alloca redzone: ca\n Right alloca redzone: cb\n Shadow gap: cc\n==836524==ABORTING\n```", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2022-01-07T09:26:40", "type": "huntr", "title": "Heap-based Buffer Overflow in vim/vim", "bulletinFamily": "bugbounty", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0158"], "modified": "2022-01-09T13:31:55", "id": "AC5D7005-07C6-4A0A-B251-BA9CDBF6738B", "href": "https://www.huntr.dev/bounties/ac5d7005-07c6-4a0a-b251-ba9cdbf6738b/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-03-30T11:08:19", "description": "# Description\nA Heap-based Buffer Overflow has been found in vim commit `a909c48`\n\n # Proof of Concept\n```\nbase64 poc\nZGVmIEZpcnN0RnVuY3Rpb24oKQogIGRlZiBTZWNvbmRGdW5jdGlvbihKICA9CiAgIyBOb2lzCiAg\nIyBvbmUKICAgCiAgIGVuZGRlZnxCQkJCCmVuZGRlZgojIENvbXBpbGUgYWxsIGZ1bmN0aW9ucwpk\nZWZjb21waWxlCg==\n```\n```\n~/fuzzing/vim/fuzz/bin/vim -u NONE -X -Z -e -s -S ./poc -c :qa!\n```\n\nASan stack trace:\n\n```\n~/fuzzing/vim/vim/src/vim -u NONE -X -Z -e -s -S ./poc -c :qa!\n=================================================================\n==3561571==ERROR: AddressSanitizer: heap-use-after-free on address 0x603000000b95 at pc 0x0000004306f9 bp 0x7ffca7051550 sp 0x7ffca7050d10\nREAD of size 5 at 0x603000000b95 thread T0\n #0 0x4306f8 in strlen (/home/aidai/fuzzing/vim/vim/src/vim+0x4306f8)\n #1 0xc452e9 in vim_vsnprintf_typval /home/aidai/fuzzing/vim/vim/src/strings.c:2302:16\n #2 0xf75f9a in semsg /home/aidai/fuzzing/vim/vim/src/message.c:809:6\n #3 0xd732d2 in get_function_args /home/aidai/fuzzing/vim/vim/src/userfunc.c:254:3\n #4 0xd87bb1 in define_function /home/aidai/fuzzing/vim/vim/src/userfunc.c:4227:9\n #5 0xdc83eb in compile_nested_function /home/aidai/fuzzing/vim/vim/src/vim9compile.c:879:13\n #6 0xdc83eb in compile_def_function /home/aidai/fuzzing/vim/vim/src/vim9compile.c:2929:14\n #7 0xd92f77 in ex_defcompile /home/aidai/fuzzing/vim/vim/src/userfunc.c:4674:9\n #8 0x6e76ce in do_one_cmd /home/aidai/fuzzing/vim/vim/src/ex_docmd.c:2570:2\n #9 0x6da911 in do_cmdline /home/aidai/fuzzing/vim/vim/src/ex_docmd.c:993:17\n #10 0xb6761a in do_source /home/aidai/fuzzing/vim/vim/src/scriptfile.c:1423:5\n #11 0xb6538f in cmd_source /home/aidai/fuzzing/vim/vim/src/scriptfile.c:985:14\n #12 0x6e76ce in do_one_cmd /home/aidai/fuzzing/vim/vim/src/ex_docmd.c:2570:2\n #13 0x6da911 in do_cmdline /home/aidai/fuzzing/vim/vim/src/ex_docmd.c:993:17\n #14 0xf61d73 in exe_commands /home/aidai/fuzzing/vim/vim/src/main.c:3080:2\n #15 0xf61d73 in vim_main2 /home/aidai/fuzzing/vim/vim/src/main.c:774:2\n #16 0xf5e59f in main /home/aidai/fuzzing/vim/vim/src/main.c:426:12\n #17 0x7ff9888c10b2 in __libc_start_main /build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:308:16\n #18 0x41dacd in _start (/home/aidai/fuzzing/vim/vim/src/vim+0x41dacd)\n\n0x603000000b95 is located 21 bytes inside of 26-byte region [0x603000000b80,0x603000000b9a)\nfreed by thread T0 here:\n #0 0x495f8d in free (/home/aidai/fuzzing/vim/vim/src/vim+0x495f8d)\n #1 0x4c69c3 in vim_free /home/aidai/fuzzing/vim/vim/src/alloc.c:619:2\n #2 0xd87bb1 in define_function /home/aidai/fuzzing/vim/vim/src/userfunc.c:4227:9\n #3 0xdc83eb in compile_nested_function /home/aidai/fuzzing/vim/vim/src/vim9compile.c:879:13\n #4 0xdc83eb in compile_def_function /home/aidai/fuzzing/vim/vim/src/vim9compile.c:2929:14\n #5 0xd92f77 in ex_defcompile /home/aidai/fuzzing/vim/vim/src/userfunc.c:4674:9\n\npreviously allocated by thread T0 here:\n #0 0x49620d in malloc (/home/aidai/fuzzing/vim/vim/src/vim+0x49620d)\n #1 0x4c5d15 in lalloc /home/aidai/fuzzing/vim/vim/src/alloc.c:244:11\n\nSUMMARY: AddressSanitizer: heap-use-after-free (/home/aidai/fuzzing/vim/vim/src/vim+0x4306f8) in strlen\nShadow bytes around the buggy address:\n 0x0c067fff8120: fa fa 00 00 00 02 fa fa 00 00 00 01 fa fa 00 00\n 0x0c067fff8130: 07 fa fa fa 00 00 04 fa fa fa 00 00 00 01 fa fa\n 0x0c067fff8140: 00 00 00 fa fa fa 00 00 00 fa fa fa fd fd fd fa\n 0x0c067fff8150: fa fa 00 00 00 02 fa fa 00 00 00 fa fa fa fd fd\n 0x0c067fff8160: fd fd fa fa 00 00 00 fa fa fa 00 00 00 fa fa fa\n=>0x0c067fff8170: fd fd[fd]fd fa fa 00 00 00 fa fa fa 00 00 00 fa\n 0x0c067fff8180: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x0c067fff8190: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x0c067fff81a0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x0c067fff81b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x0c067fff81c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\nShadow byte legend (one shadow byte represents 8 application bytes):\n Addressable: 00\n Partially addressable: 01 02 03 04 05 06 07\n Heap left redzone: fa\n Freed heap region: fd\n Stack left redzone: f1\n Stack mid redzone: f2\n Stack right redzone: f3\n Stack after return: f5\n Stack use after scope: f8\n Global redzone: f9\n Global init order: f6\n Poisoned by user: f7\n Container overflow: fc\n Array cookie: ac\n Intra object redzone: bb\n ASan internal: fe\n Left alloca redzone: ca\n Right alloca redzone: cb\n Shadow gap: cc\n==3561571==ABORTING\n```", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-01-07T11:01:47", "type": "huntr", "title": "None in vim/vim", "bulletinFamily": "bugbounty", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0156"], "modified": "2022-01-08T14:56:39", "id": "47DDED34-3767-4725-8C7C-9DCB68C70B36", "href": "https://www.huntr.dev/bounties/47dded34-3767-4725-8c7c-9dcb68c70b36/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "cnvd": [{"lastseen": "2022-11-04T14:52:53", "description": "Vim, a UNIX-based editor, is vulnerable to a resource management error that stems from a heap-based buffer overflow. No detailed vulnerability details are currently available.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2022-01-14T00:00:00", "type": "cnvd", "title": "vim resource management error vulnerability (CNVD-2022-05043)", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0158"], "modified": "2022-01-19T00:00:00", "id": "CNVD-2022-05043", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2022-05043", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-11-05T07:09:12", "description": "Vim, a UNIX-based editor, is vulnerable to a resource management error that stems from a heap-based buffer overflow. No detailed vulnerability details are currently available.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-01-14T00:00:00", "type": "cnvd", "title": "vim resource management error vulnerability (CNVD-2022-03942)", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0156"], "modified": "2022-01-15T00:00:00", "id": "CNVD-2022-03942", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2022-03942", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "veracode": [{"lastseen": "2022-08-26T20:42:17", "description": "vim is vulnerable to Heap-based Buffer Overflow. The vulnerability exists due to a lack of sanitization. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2022-01-23T17:15:36", "type": "veracode", "title": "Buffer Overflow", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0158"], "modified": "2022-08-26T18:15:51", "id": "VERACODE:33825", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-33825/summary", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-26T20:42:18", "description": "vim is vulnerable to heap-based buffer overflow. The vulnerability exist in the 'one_function_arg' function in 'userfunc.c' causes a heap-based buffer overflow which could result in an application crash. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-01-23T17:15:19", "type": "veracode", "title": "Heap-based Buffer Overflow ", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0156"], "modified": "2022-08-26T18:15:51", "id": "VERACODE:33824", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-33824/summary", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "redhatcve": [{"lastseen": "2023-02-01T08:09:41", "description": "It was found that vim was vulnerable to a 1 byte heap based out of bounds read flaw in the `compile_get_env()` function. A file could use that flaw to disclose 1 byte of vim's internal memory.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2022-01-12T23:22:43", "type": "redhatcve", "title": "CVE-2022-0158", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0158"], "modified": "2023-02-01T06:36:32", "id": "RH:CVE-2022-0158", "href": "https://access.redhat.com/security/cve/cve-2022-0158", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-01T08:09:40", "description": "It was found that vim was vulnerable to use-after-free flaw in the way it was treating allocated lines in user functions. A specially crafted file could crash the vim process or possibly lead to other undefined behaviors.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-01-12T23:22:43", "type": "redhatcve", "title": "CVE-2022-0156", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0156"], "modified": "2023-02-01T06:36:28", "id": "RH:CVE-2022-0156", "href": "https://access.redhat.com/security/cve/cve-2022-0156", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "amazon": [{"lastseen": "2022-11-01T21:43:03", "description": "**Issue Overview:**\n\nIt was found that vim was vulnerable to use-after-free flaw in the way it was treating allocated lines in user functions. A specially crafted file could crash the vim process or possibly lead to other undefined behaviors. (CVE-2022-0156)\n\nIt was found that vim was vulnerable to a 1 byte heap based out of bounds read flaw in the `compile_get_env()` function. A file could use that flaw to disclose 1 byte of vim's internal memory. (CVE-2022-0158)\n\nA flaw was found in vim. The vulnerability occurs due to not checking the length for the NameBuff function, which can lead to a heap buffer overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. (CVE-2022-0213)\n\nA heap based out-of-bounds write flaw was found in vim's ops.c. This flaw allows an attacker to trick a user to open a crafted file triggering an out-of-bounds write. This vulnerability is capable of crashing software, modify memory, and possible code execution. (CVE-2022-0261)\n\nA flaw was found in vim. The vulnerability occurs due to reading beyond the end of a line in the utf_head_off function, which can lead to a heap buffer overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. (CVE-2022-0318)\n\nA flaw was found in vim. The vulnerability occurs due to too many recursions, which can lead to a segmentation fault. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. (CVE-2022-0351)\n\nA flaw was found in vim. The vulnerability occurs due to Illegal memory access with large tabstop in Ex mode, which can lead to a heap buffer overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. (CVE-2022-0359)\n\n \n**Affected Packages:** \n\n\nvim\n\n \n**Issue Correction:** \nRun _yum update vim_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n \u00a0\u00a0\u00a0 vim-common-8.2.4314-1.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 vim-minimal-8.2.4314-1.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 vim-enhanced-8.2.4314-1.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 vim-X11-8.2.4314-1.amzn2.0.1.aarch64 \n \u00a0\u00a0\u00a0 vim-debuginfo-8.2.4314-1.amzn2.0.1.aarch64 \n \n i686: \n \u00a0\u00a0\u00a0 vim-common-8.2.4314-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 vim-minimal-8.2.4314-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 vim-enhanced-8.2.4314-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 vim-X11-8.2.4314-1.amzn2.0.1.i686 \n \u00a0\u00a0\u00a0 vim-debuginfo-8.2.4314-1.amzn2.0.1.i686 \n \n noarch: \n \u00a0\u00a0\u00a0 vim-filesystem-8.2.4314-1.amzn2.0.1.noarch \n \u00a0\u00a0\u00a0 vim-data-8.2.4314-1.amzn2.0.1.noarch \n \n src: \n \u00a0\u00a0\u00a0 vim-8.2.4314-1.amzn2.0.1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 vim-common-8.2.4314-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 vim-minimal-8.2.4314-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 vim-enhanced-8.2.4314-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 vim-X11-8.2.4314-1.amzn2.0.1.x86_64 \n \u00a0\u00a0\u00a0 vim-debuginfo-8.2.4314-1.amzn2.0.1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2022-0156](<https://access.redhat.com/security/cve/CVE-2022-0156>), [CVE-2022-0158](<https://access.redhat.com/security/cve/CVE-2022-0158>), [CVE-2022-0213](<https://access.redhat.com/security/cve/CVE-2022-0213>), [CVE-2022-0261](<https://access.redhat.com/security/cve/CVE-2022-0261>), [CVE-2022-0318](<https://access.redhat.com/security/cve/CVE-2022-0318>), [CVE-2022-0351](<https://access.redhat.com/security/cve/CVE-2022-0351>), [CVE-2022-0359](<https://access.redhat.com/security/cve/CVE-2022-0359>)\n\nMitre: [CVE-2022-0156](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0156>), [CVE-2022-0158](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0158>), [CVE-2022-0213](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0213>), [CVE-2022-0261](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0261>), [CVE-2022-0318](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0318>), [CVE-2022-0351](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0351>), [CVE-2022-0359](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0359>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-15T22:55:00", "type": "amazon", "title": "Medium: vim", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0156", "CVE-2022-0158", "CVE-2022-0213", "CVE-2022-0261", "CVE-2022-0318", "CVE-2022-0351", "CVE-2022-0359"], "modified": "2022-02-21T20:54:00", "id": "ALAS2-2022-1751", "href": "https://alas.aws.amazon.com/AL2/ALAS-2022-1751.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-11-01T23:19:36", "description": "**Issue Overview:**\n\nIt was found that vim was vulnerable to use-after-free flaw in the way it was treating allocated lines in user functions. A specially crafted file could crash the vim process or possibly lead to other undefined behaviors. (CVE-2022-0156)\n\nIt was found that vim was vulnerable to a 1 byte heap based out of bounds read flaw in the `compile_get_env()` function. A file could use that flaw to disclose 1 byte of vim's internal memory. (CVE-2022-0158)\n\nA flaw was found in vim. The vulnerability occurs due to not checking the length for the NameBuff function, which can lead to a heap buffer overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. (CVE-2022-0213)\n\nA heap based out-of-bounds write flaw was found in vim's ops.c. This flaw allows an attacker to trick a user to open a crafted file triggering an out-of-bounds write. This vulnerability is capable of crashing software, modify memory, and possible code execution. (CVE-2022-0261)\n\nA flaw was found in vim. The vulnerability occurs due to reading beyond the end of a line in the utf_head_off function, which can lead to a heap buffer overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. (CVE-2022-0318)\n\nA flaw was found in vim. The vulnerability occurs due to too many recursions, which can lead to a segmentation fault. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. (CVE-2022-0351)\n\nA flaw was found in vim. The vulnerability occurs due to Illegal memory access with large tabstop in Ex mode, which can lead to a heap buffer overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. (CVE-2022-0359)\n\n \n**Affected Packages:** \n\n\nvim\n\n \n**Issue Correction:** \nRun _yum update vim_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 vim-minimal-8.2.4314-1.1.amzn1.i686 \n \u00a0\u00a0\u00a0 vim-enhanced-8.2.4314-1.1.amzn1.i686 \n \u00a0\u00a0\u00a0 vim-common-8.2.4314-1.1.amzn1.i686 \n \u00a0\u00a0\u00a0 vim-debuginfo-8.2.4314-1.1.amzn1.i686 \n \n noarch: \n \u00a0\u00a0\u00a0 vim-filesystem-8.2.4314-1.1.amzn1.noarch \n \u00a0\u00a0\u00a0 vim-data-8.2.4314-1.1.amzn1.noarch \n \n src: \n \u00a0\u00a0\u00a0 vim-8.2.4314-1.1.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 vim-common-8.2.4314-1.1.amzn1.x86_64 \n \u00a0\u00a0\u00a0 vim-enhanced-8.2.4314-1.1.amzn1.x86_64 \n \u00a0\u00a0\u00a0 vim-minimal-8.2.4314-1.1.amzn1.x86_64 \n \u00a0\u00a0\u00a0 vim-debuginfo-8.2.4314-1.1.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2022-0156](<https://access.redhat.com/security/cve/CVE-2022-0156>), [CVE-2022-0158](<https://access.redhat.com/security/cve/CVE-2022-0158>), [CVE-2022-0213](<https://access.redhat.com/security/cve/CVE-2022-0213>), [CVE-2022-0261](<https://access.redhat.com/security/cve/CVE-2022-0261>), [CVE-2022-0318](<https://access.redhat.com/security/cve/CVE-2022-0318>), [CVE-2022-0351](<https://access.redhat.com/security/cve/CVE-2022-0351>), [CVE-2022-0359](<https://access.redhat.com/security/cve/CVE-2022-0359>)\n\nMitre: [CVE-2022-0156](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0156>), [CVE-2022-0158](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0158>), [CVE-2022-0213](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0213>), [CVE-2022-0261](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0261>), [CVE-2022-0318](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0318>), [CVE-2022-0351](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0351>), [CVE-2022-0359](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0359>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-17T18:34:00", "type": "amazon", "title": "Medium: vim", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0156", "CVE-2022-0158", "CVE-2022-0213", "CVE-2022-0261", "CVE-2022-0318", "CVE-2022-0351", "CVE-2022-0359"], "modified": "2022-02-18T22:56:00", "id": "ALAS-2022-1567", "href": "https://alas.aws.amazon.com/ALAS-2022-1567.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "photon": [{"lastseen": "2022-08-12T00:17:16", "description": "Updates of ['vim'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-04-07T00:00:00", "type": "photon", "title": "Critical Photon OS Security Update - PHSA-2022-0380", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0156", "CVE-2022-0393", "CVE-2022-0696", "CVE-2022-0943", "CVE-2022-1154"], "modified": "2022-04-07T00:00:00", "id": "PHSA-2022-0380", "href": "https://github.com/vmware/photon/wiki/Security-Update-3.0-380", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-07T12:52:02", "description": "Updates of ['gzip', 'vim', 'xz', 'nginx'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-04-14T00:00:00", "type": "photon", "title": "Critical Photon OS Security Update - PHSA-2022-0466", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3618", "CVE-2022-0156", "CVE-2022-0393", "CVE-2022-0696", "CVE-2022-0943", "CVE-2022-1154", "CVE-2022-1271"], "modified": "2022-04-14T00:00:00", "id": "PHSA-2022-0466", "href": "https://github.com/vmware/photon/wiki/Security-Update-2.0-466", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-12T18:52:43", "description": "Updates of ['cyrus-sasl', 'vim'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-13T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2022-0161", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4173", "CVE-2021-4193", "CVE-2022-0156", "CVE-2022-0319", "CVE-2022-0368", "CVE-2022-0393", "CVE-2022-0417", "CVE-2022-0696", "CVE-2022-24407"], "modified": "2022-03-13T00:00:00", "id": "PHSA-2022-0161", "href": "https://github.com/vmware/photon/wiki/Security-Update-4.0-161", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2022-08-21T02:31:52", "description": "### Background\n\nVim is an efficient, highly configurable improved version of the classic \u2018vi\u2019 text editor. gVim is the GUI version of Vim.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Vim and gVim. Please review the CVE identifiers referenced below for details.\n\n### Impact\n\nPlease review the referenced CVE identifiers for details.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Vim users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-editors/vim-9.0.0060\"\n \n\nAll gVim users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-editors/gvim-9.0.0060\"\n \n\nAll vim-core users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-editors/vim-core-9.0.0060\"", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-21T00:00:00", "type": "gentoo", "title": "Vim, gVim: Multiple Vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3770", "CVE-2021-3778", "CVE-2021-3796", "CVE-2021-3872", "CVE-2021-3875", "CVE-2021-3927", "CVE-2021-3928", "CVE-2021-3968", "CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-4069", "CVE-2021-4136", "CVE-2021-4166", "CVE-2021-4173", "CVE-2021-4187", "CVE-2021-4192", "CVE-2021-4193", "CVE-2021-46059", "CVE-2022-0128", "CVE-2022-0156", "CVE-2022-0158", "CVE-2022-0213", "CVE-2022-0261", "CVE-2022-0318", "CVE-2022-0319", "CVE-2022-0351", "CVE-2022-0359", "CVE-2022-0361", "CVE-2022-0368", "CVE-2022-0392", "CVE-2022-0393", "CVE-2022-0407", "CVE-2022-0408", "CVE-2022-0413", "CVE-2022-0417", "CVE-2022-0443", "CVE-2022-0554", "CVE-2022-0629", "CVE-2022-0685", "CVE-2022-0714", "CVE-2022-0729", "CVE-2022-0943", "CVE-2022-1154", "CVE-2022-1160", "CVE-2022-1381", "CVE-2022-1420", "CVE-2022-1616", "CVE-2022-1619", "CVE-2022-1620", "CVE-2022-1621", "CVE-2022-1629", "CVE-2022-1674", "CVE-2022-1720", "CVE-2022-1733", "CVE-2022-1735", "CVE-2022-1769", "CVE-2022-1771", "CVE-2022-1785", "CVE-2022-1796", "CVE-2022-1851", "CVE-2022-1886", "CVE-2022-1897", "CVE-2022-1898", "CVE-2022-1927", "CVE-2022-1942", "CVE-2022-1968", "CVE-2022-2000", "CVE-2022-2042", "CVE-2022-2124", "CVE-2022-2125", "CVE-2022-2126", "CVE-2022-2129", "CVE-2022-2175", "CVE-2022-2182", "CVE-2022-2183", "CVE-2022-2206", "CVE-2022-2207", "CVE-2022-2208", "CVE-2022-2210", "CVE-2022-2231", "CVE-2022-2257", "CVE-2022-2264", "CVE-2022-2284", "CVE-2022-2285", "CVE-2022-2286", "CVE-2022-2287", "CVE-2022-2288", "CVE-2022-2289", "CVE-2022-2304", "CVE-2022-2343", "CVE-2022-2344", "CVE-2022-2345"], "modified": "2022-08-21T00:00:00", "id": "GLSA-202208-32", "href": "https://security.gentoo.org/glsa/202208-32", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "avleonov": [{"lastseen": "2022-12-30T20:09:45", "description": "Hello everyone! Great news for my open source [Scanvus](<https://github.com/leonov-av/scanvus>) project! You can now perform vulnerability checks on Linux hosts and docker images not only using the [Vulners.com API](<https://vulners.com/docs/API_wrapper/linux_audit/>), but also with the [Vulns.io VM API](<https://vulns.io/>). It's especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. I just had to do the final test. Many thanks to them for this!\n\nAlternative video link (for Russia): <https://vk.com/video-149273431_456239113>\n\n## How can the support of these two APIs in Scanvus be useful?\n\n 1. Now there is no binding to one vendor. Choose which service and price you prefer.\n 2. The set of supported operating systems varies between Vulners.com and Vulns.io. If a particular Linux distribution is not supported by one vendor, it may be supported by another vendor.\n 3. Vulners and Vulns.io implemented vulnerability checks independently of each other. If the results differ when scanning the same host/image, then implementation errors will be clearly visible.\n 4. Scanvus is released under the MIT license, so you can use it as an example of working with the Vulners.com and Vulns.io APIs and use this code in your projects.\n\n## How to use it?\n\nBasically, everything works exactly the same. You only need to specify the API you want to use in the -audit-service parameter. This can be "vulners" (default) or "vulnsio".\n\n### Localhost\n\nTo begin, I scanned my localhost. This is a completely updated Ubuntu host. Vulners and Vulns.io did not detect security bulletin vulnerabilities there. And this is correct.\n\nVulners did not detect any vulnerabilities at all.\n \n \n $ python3.8 scanvus.py --audit-service vulners --assessment-type localhost\n /$$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ /$$ /$$/$$ /$$ /$$$$$$$\n /$$_____/ /$$_____/ |____ $$| $$__ $$| $$ /$$/ $$ | $$ /$$_____/\n | $$$$$$ | $$ /$$$$$$$| $$ \\ $$ \\ $$/$$/| $$ | $$| $$$$$$ \n \\____ $$| $$ /$$__ $$| $$ | $$ \\ $$$/ | $$ | $$ \\____ $$\n /$$$$$$$/| $$$$$$$| $$$$$$$| $$ | $$ \\ $/ | $$$$$$/ /$$$$$$$/\n |_______/ \\_______/ \\_______/|__/ |__/ \\_/ \\______/ |_______/ \n Getting assessment target...\n assessment_type: localhost\n host: localhost\n Getting OS inventory data...\n os_name: ubuntu\n os_version: 20.04\n package_list_len: 2899\n Getting vulnerability data...\n Getting vulnerability report...\n -------------\n Vulnerability Report for localhost (localhost, ubuntu 20.04, linux kernel 5.4.0-135-generic, 2899 packages)\n 0 vulnerabilities were found\n \n\nAnd Vulns.io detected some vulnerabilities.\n \n \n $ python3.8 scanvus.py --audit-service vulnsio --assessment-type localhost\n /$$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ /$$ /$$/$$ /$$ /$$$$$$$\n /$$_____/ /$$_____/ |____ $$| $$__ $$| $$ /$$/ $$ | $$ /$$_____/\n | $$$$$$ | $$ /$$$$$$$| $$ \\ $$ \\ $$/$$/| $$ | $$| $$$$$$ \n \\____ $$| $$ /$$__ $$| $$ | $$ \\ $$$/ | $$ | $$ \\____ $$\n /$$$$$$$/| $$$$$$$| $$$$$$$| $$ | $$ \\ $/ | $$$$$$/ /$$$$$$$/\n |_______/ \\_______/ \\_______/|__/ |__/ \\_/ \\______/ |_______/ \n Getting assessment target...\n assessment_type: localhost\n host: localhost\n Getting OS inventory data...\n os_name: ubuntu\n os_version: 20.04\n package_list_len: 2899\n Getting vulnerability data...\n Getting vulnerability report...\n -------------\n Vulnerability Report for localhost (localhost, ubuntu 20.04, linux kernel 5.4.0-135-generic, 2899 packages)\n 3 vulnerabilities with levels ['Medium', 'Critical', 'High'] were found\n +---+----------+-------------+------------------+-------------------------------------------------------------------------------+\n | N | Level | Bulletin | CVE | Proof |\n +---+----------+-------------+------------------+-------------------------------------------------------------------------------+\n | 1 | Critical | no advisory | CVE-2021-21783 | apparmor-2.13.3-7ubuntu5.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2207 | libapparmor1-2.13.3-7ubuntu5.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-12390 | libapparmor1-2.13.3-7ubuntu5.1.i386 >= 0:0.0.0 |\n | | | | CVE-2021-3773 | chromium-codecs-ffmpeg-extra-1:85.0.4183.83-0ubuntu0.20.04.2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-25236 | gstreamer1.0-libav-1.16.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-24791 | libqt5webengine-data-5.12.8+dfsg-0ubuntu1.1.all >= 0:0.0.0 |\n | | | | CVE-2019-15232 | libqt5webengine5-5.12.8+dfsg-0ubuntu1.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-26972 | libqt5webenginecore5-5.12.8+dfsg-0ubuntu1.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-12389 | libqt5webenginewidgets5-5.12.8+dfsg-0ubuntu1.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2042 | firefox-108.0+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-13576 | firefox-locale-en-108.0+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-23852 | firefox-locale-ru-108.0+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1253 | thunderbird-1:102.4.2+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-29462 | thunderbird-gnome-support-1:102.4.2+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-30475 | thunderbird-locale-en-1:102.4.2+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0 |\n ...\n \n\nWhy? Because Vulners and Vulns.io work differently. Vulners only detects vulnerabilities mentioned in bulletins, while Vulns.io also shows vulnerabilities for which there are no bulletins and patches that fix the vulnerability. Such vulnerabilities are grouped by severity with "no advisory" instead of a bulletin identifier. Whether you want to see vulnerabilities that you can't fix yet is up to you.\n\n### Linux host\n\nNext, I scanned a test upatched Debian 11 host.\n \n \n $ ssh-copy-id -i ~/.ssh/id_rsa.pub vmuser@192.168.56.105\n $ ssh -i ~/.ssh/id_rsa.pub vmuser@192.168.56.105\n\nIn this case, vulnerabilities related to security bulletins were detected. And there are not many of them, so the reports can be easily analyzed manually.\n \n \n $ python3.8 scanvus.py --audit-service \"vulners\" --assessment-type \"remote_ssh\" --host \"192.168.56.105\" --user-name \"vmuser\" --key-path \"/home/alexander/.ssh/id_rsa.pub\"\n /$$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ /$$ /$$/$$ /$$ /$$$$$$$\n /$$_____/ /$$_____/ |____ $$| $$__ $$| $$ /$$/ $$ | $$ /$$_____/\n | $$$$$$ | $$ /$$$$$$$| $$ \\ $$ \\ $$/$$/| $$ | $$| $$$$$$ \n \\____ $$| $$ /$$__ $$| $$ | $$ \\ $$$/ | $$ | $$ \\____ $$\n /$$$$$$$/| $$$$$$$| $$$$$$$| $$ | $$ \\ $/ | $$$$$$/ /$$$$$$$/\n |_______/ \\_______/ \\_______/|__/ |__/ \\_/ \\______/ |_______/ \n Getting assessment target...\n assessment_type: remote_ssh\n host: 192.168.56.105\n user_name: vmuser\n key_path: /home/alexander/.ssh/id_rsa.pub\n Getting OS inventory data...\n os_name: debian\n os_version: 11\n package_list_len: 364\n Getting vulnerability data...\n Getting vulnerability report...\n -------------\n Vulnerability Report for 192.168.56.105 (remote_ssh, debian 11, linux kernel 5.10.0-17-amd64, 364 packages)\n 3 vulnerabilities with levels ['High', 'Medium'] were found\n +---+--------+-------------------------+----------------+------------------------------------------------------------+\n | N | Level | Bulletin | CVE | Proof |\n +---+--------+-------------------------+----------------+------------------------------------------------------------+\n | 1 | High | DEBIAN:DLA-3152-1:9B676 | CVE-2016-10228 | libc-bin 2.31-13+deb11u3 amd64 < 2.31-13+deb11u4 |\n | | | | CVE-2019-19126 | libc6 2.31-13+deb11u3 amd64 < 2.31-13+deb11u4 |\n | | | | CVE-2019-25013 | locales 2.31-13+deb11u3 all < 2.31-13+deb11u4 |\n | | | | CVE-2020-10029 | libc-l10n 2.31-13+deb11u3 all < 2.31-13+deb11u4 |\n | | | | CVE-2020-1752 | |\n | | | | CVE-2020-27618 | |\n | | | | CVE-2020-6096 | |\n | | | | CVE-2021-27645 | |\n | | | | CVE-2021-3326 | |\n | | | | CVE-2021-33574 | |\n | | | | CVE-2021-35942 | |\n | | | | CVE-2021-3999 | |\n | | | | CVE-2022-23218 | |\n | | | | CVE-2022-23219 | |\n +---+--------+-------------------------+----------------+------------------------------------------------------------+\n | 2 | Medium | DEBIAN:DLA-3206-1:5481E | CVE-2019-14870 | krb5-locales 1.18.3-6+deb11u1 all < 1.18.3-6+deb11u3 |\n | | | | CVE-2021-3671 | libkrb5-3 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2021-44758 | libk5crypto3 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-3437 | libkrb5support0 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-41916 | libgssapi-krb5-2 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-42898 | |\n | | | | CVE-2022-44640 | |\n +---+--------+-------------------------+----------------+------------------------------------------------------------+\n | 3 | Medium | DEBIAN:DSA-5287-1:12BD4 | CVE-2021-3671 | krb5-locales 1.18.3-6+deb11u1 all < 1.18.3-6+deb11u3 |\n | | | | CVE-2021-44758 | libkrb5-3 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-3437 | libk5crypto3 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-41916 | libkrb5support0 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-42898 | libgssapi-krb5-2 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-44640 | |\n +---+--------+-------------------------+----------------+------------------------------------------------------------+\n \n \n \n $ python3.8 scanvus.py --audit-service \"vulnsio\" --assessment-type \"remote_ssh\" --host \"192.168.56.105\" --user-name \"vmuser\" --key-path \"/home/alexander/.ssh/id_rsa.pub\"\n /$$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ /$$ /$$/$$ /$$ /$$$$$$$\n /$$_____/ /$$_____/ |____ $$| $$__ $$| $$ /$$/ $$ | $$ /$$_____/\n | $$$$$$ | $$ /$$$$$$$| $$ \\ $$ \\ $$/$$/| $$ | $$| $$$$$$ \n \\____ $$| $$ /$$__ $$| $$ | $$ \\ $$$/ | $$ | $$ \\____ $$\n /$$$$$$$/| $$$$$$$| $$$$$$$| $$ | $$ \\ $/ | $$$$$$/ /$$$$$$$/\n |_______/ \\_______/ \\_______/|__/ |__/ \\_/ \\______/ |_______/ \n Getting assessment target...\n assessment_type: remote_ssh\n host: 192.168.56.105\n user_name: vmuser\n key_path: /home/alexander/.ssh/id_rsa.pub\n Getting OS inventory data...\n os_name: debian\n os_version: 11\n package_list_len: 364\n Getting vulnerability data...\n Getting vulnerability report...\n -------------\n Vulnerability Report for 192.168.56.105 (remote_ssh, debian 11, linux kernel 5.10.0-17-amd64, 364 packages)\n 7 vulnerabilities with levels ['Medium', 'Critical', 'High'] were found\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n | N | Level | Bulletin | CVE | Proof |\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n | 1 | Critical | DSA-5236-1 | CVE-2022-40674 | libexpat1-2.2.10-2+deb11u3.amd64 < 0:2.2.10-2+deb11u4 |\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n | 2 | Critical | no advisory | CVE-2022-23303 | apparmor-2.13.6-10.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-45952 | libapparmor1-2.13.6-10.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-3491 | bluetooth-5.55-3.1.all >= 0:0.0.0 |\n | | | | CVE-2020-27619 | bluez-5.55-3.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-43400 | libbluetooth3-5.55-3.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-29921 | busybox-1:1.30.1-6+b3.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-37454 | dnsmasq-base-2.85-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-1010022 | libc-bin-2.31-13+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2005-2541 | libc-l10n-2.31-13+deb11u3.all >= 0:0.0.0 |\n | | | | CVE-2021-45957 | libc6-2.31-13+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-46908 | locales-2.31-13+deb11u3.all >= 0:0.0.0 |\n | | | | CVE-2021-42377 | libdb5.3-5.3.28+dfsg1-0.8.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-46848 | libpcre2-8-0-10.36-2.amd64 < 0:10.36-2+deb11u1 |\n | | | | CVE-2022-23304 | libpython3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-8457 | libpython3.9-stdlib-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2210 | python3.9-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2042 | python3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1586 | libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-45954 | libtasn1-6-4.16.0-2.amd64 < 0:4.16.0-2+deb11u1 |\n | | | | CVE-2022-1587 | tar-1.34+dfsg-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-45953 | vim-common-2:8.2.2434-3+deb11u1.all >= 0:0.0.0 |\n | | | | CVE-2016-1585 | vim-tiny-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-45955 | xxd-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-45956 | wpasupplicant-2:2.9.0-21.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-45951 | |\n | | | | CVE-2015-20107 | |\n | | | | CVE-2022-2207 | |\n | | | | CVE-2022-0318 | |\n | | | | CVE-2022-1927 | |\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n | 3 | High | DSA-5207-1 | CVE-2022-26373 | linux-image-5.10.0-16-amd64-5.10.127-2.amd64 < 0:5.10.136-1 |\n | | | | CVE-2022-2585 | |\n | | | | CVE-2022-23816 | |\n | | | | CVE-2022-2588 | |\n | | | | CVE-2022-29901 | |\n | | | | CVE-2022-36946 | |\n | | | | CVE-2022-2586 | |\n | | | | CVE-2022-29900 | |\n | | | | CVE-2022-36879 | |\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n | 4 | High | DSA-5235-1 | CVE-2022-3080 | bind9-dnsutils-1:9.16.27-1~deb11u1.amd64 < 1:9.16.33-1~deb11u1 |\n | | | | CVE-2022-38177 | bind9-host-1:9.16.27-1~deb11u1.amd64 < 1:9.16.33-1~deb11u1 |\n | | | | CVE-2022-2795 | bind9-libs-1:9.16.27-1~deb11u1.amd64 < 1:9.16.33-1~deb11u1 |\n | | | | CVE-2022-38178 | |\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n | 5 | High | no advisory | CVE-2022-1616 | bash-completion-1:2.11-2.all >= 0:0.0.0 |\n | | | | CVE-2022-31782 | bluetooth-5.55-3.1.all >= 0:0.0.0 |\n | | | | CVE-2022-0361 | bluez-5.55-3.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-15778 | libbluetooth3-5.55-3.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-3534 | busybox-1:1.30.1-6+b3.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-28831 | cpio-2.13+dfsg-4.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-43680 | dnsmasq-base-2.85-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-43551 | e2fsprogs-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0629 | libcom-err2-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2284 | libext2fs2-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-4173 | libss2-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0729 | logsave-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-3999 | grub-common-2.04-20.amd64 < 0:2.06-3~deb11u1 |\n | | | | CVE-2022-2206 | grub-pc-2.04-20.amd64 < 0:2.06-3~deb11u1 |\n | | | | CVE-2021-3903 | grub-pc-bin-2.04-20.amd64 < 0:2.06-3~deb11u1 |\n | | | | CVE-2022-1733 | grub2-common-2.04-20.amd64 < 0:2.06-3~deb11u1 |\n | | | | CVE-2022-1851 | iptables-1.8.7-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-19378 | libip4tc2-1.8.7-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2016-9918 | libip6tc2-1.8.7-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-42385 | libxtables12-1.8.7-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2581 | krb5-locales-1.18.3-6+deb11u1.all >= 0:0.0.0 |\n | | | | CVE-2021-42384 | libgssapi-krb5-2-1.18.3-6+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-39537 | libk5crypto3-1.18.3-6+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-42919 | libkrb5-3-1.18.3-6+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-3973 | libkrb5support0-1.18.3-6+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2129 | libbpf0-1:0.3-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-4136 | libc-bin-2.31-13+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-15131 | libc-l10n-2.31-13+deb11u3.all >= 0:0.0.0 |\n | | | | CVE-2022-3176 | libc6-2.31-13+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2344 | locales-2.31-13+deb11u3.all >= 0:0.0.0 |\n | | | | CVE-2021-3697 | libcurl3-gnutls-7.74.0-1.3+deb11u2.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-7246 | libexpat1-2.2.10-2+deb11u3.amd64 < 0:2.2.10-2+deb11u5 |\n | | | | CVE-2020-26560 | libfreetype6-2.10.4+dfsg-1+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-26559 | libgcrypt20-1.8.7-6.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-39686 | libjansson4-2.13.1-1.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1247 | libldap-2.4-2-2.4.57+dfsg-3+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-42382 | libldap-common-2.4.57+dfsg-3+deb11u1.all >= 0:0.0.0 |\n | | | | CVE-2017-17740 | libncurses6-6.2+20201114-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-36325 | libncursesw6-6.2+20201114-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2257 | libtinfo6-6.2+20201114-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1154 | ncurses-base-6.2+20201114-2.all >= 0:0.0.0 |\n | | | | CVE-2022-0392 | ncurses-bin-6.2+20201114-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-3297 | ncurses-term-6.2+20201114-2.all >= 0:0.0.0 |\n | | | | CVE-2021-4192 | libpcre3-2:8.39-13.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2287 | libperl5.32-5.32.1-4+deb11u2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0408 | perl-5.32.1-4+deb11u2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2571 | perl-base-5.32.1-4+deb11u2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0393 | perl-modules-5.32-5.32.1-4+deb11u2.all >= 0:0.0.0 |\n | | | | CVE-2022-1619 | libpolkit-agent-1-0-0.105-31+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-7245 | libpolkit-gobject-1-0-0.105-31+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2345 | policykit-1-0.105-31+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1886 | libpython3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-4204 | libpython3.9-stdlib-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0943 | python3.9-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2264 | python3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0359 | libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0572 | linux-image-5.10.0-16-amd64-5.10.127-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0391 | linux-image-5.10.0-17-amd64-5.10.136-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-11164 | linux-image-amd64-5.10.136-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0413 | login-1:4.8.1-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-3974 | passwd-1:4.8.1-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1769 | openssh-client-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-42378 | openssh-server-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0554 | openssh-sftp-server-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2175 | python3-httplib2-0.18.1-3.all >= 0:0.0.0 |\n | | | | CVE-2022-0685 | vim-common-2:8.2.2434-3+deb11u1.all >= 0:0.0.0 |\n | | | | CVE-2022-1621 | vim-tiny-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-36690 | xxd-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-1010023 | xdg-user-dirs-0.17-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2946 | |\n | | | | CVE-2018-20796 | |\n | | | | CVE-2021-38185 | |\n | | | | CVE-2018-6829 | |\n | | | | CVE-2022-3424 | |\n | | | | CVE-2021-21240 | |\n | | | | CVE-2022-1735 | |\n | | | | CVE-2022-0204 | |\n | | | | CVE-2019-9192 | |\n | | | | CVE-2016-9917 | |\n | | | | CVE-2022-2849 | |\n | | | | CVE-2022-2304 | |\n | | | | CVE-2022-0407 | |\n | | | | CVE-2021-3737 | |\n | | | | CVE-2022-2602 | |\n | | | | CVE-2022-1898 | |\n | | | | CVE-2022-2845 | |\n | | | | CVE-2022-0417 | |\n | | | | CVE-2022-1882 | |\n | | | | CVE-2013-7445 | |\n | | | | CVE-2019-20838 | |\n | | | | CVE-2021-42386 | |\n | | | | CVE-2022-2289 | |\n | | | | CVE-2022-1304 | |\n | | | | CVE-2022-2889 | |\n | | | | CVE-2022-1629 | |\n | | | | CVE-2021-41617 | |\n | | | | CVE-2022-2183 | |\n | | | | CVE-2022-0351 | |\n | | | | CVE-2020-11725 | |\n | | | | CVE-2021-4166 | |\n | | | | CVE-2022-2817 | |\n | | | | CVE-2020-26557 | |\n | | | | CVE-2022-29458 | |\n | | | | CVE-2021-3968 | |\n | | | | CVE-2022-25265 | |\n | | | | CVE-2019-19070 | |\n | | | | CVE-2021-4037 | |\n | | | | CVE-2019-12456 | |\n | | | | CVE-2019-19882 | |\n | | | | CVE-2021-33560 | |\n | | | | CVE-2022-2522 | |\n | | | | CVE-2022-2182 | |\n | | | | CVE-2012-2663 | |\n | | | | CVE-2022-1796 | |\n | | | | CVE-2022-2862 | |\n | | | | CVE-2022-2286 | |\n | | | | CVE-2020-16156 | |\n | | | | CVE-2022-1942 | |\n | | | | CVE-2022-1679 | |\n | | | | CVE-2021-26934 | |\n | | | | CVE-2018-1000500 | |\n | | | | CVE-2008-4609 | |\n | | | | CVE-2019-19449 | |\n | | | | CVE-2021-42381 | |\n | | | | CVE-2022-0368 | |\n | | | | CVE-2022-1720 | |\n | | | | CVE-2022-2125 | |\n | | | | CVE-2021-3847 | |\n | | | | CVE-2022-4139 | |\n | | | | CVE-2022-4378 | |\n | | | | CVE-2022-1620 | |\n | | | | CVE-2021-3872 | |\n | | | | CVE-2022-2126 | |\n | | | | CVE-2022-0934 | |\n | | | | CVE-2021-3928 | |\n | | | | CVE-2022-2000 | |\n | | | | CVE-2021-42383 | |\n | | | | CVE-2022-2816 | |\n | | | | CVE-2021-3984 | |\n | | | | CVE-2019-19814 | |\n | | | | CVE-2022-28733 | |\n | | | | CVE-2021-3927 | |\n | | | | CVE-2020-12362 | |\n | | | | CVE-2018-5709 | |\n | | | | CVE-2011-4116 | |\n | | | | CVE-2022-35737 | |\n | | | | CVE-2022-30065 | |\n | | | | CVE-2022-28734 | |\n | | | | CVE-2018-7738 | |\n | | | | CVE-2021-4187 | |\n | | | | CVE-2021-4069 | |\n | | | | CVE-2016-2568 | |\n | | | | CVE-2022-2343 | |\n | | | | CVE-2021-32078 | |\n | | | | CVE-2021-28861 | |\n | | | | CVE-2021-42380 | |\n | | | | CVE-2022-2819 | |\n | | | | CVE-2022-1785 | |\n | | | | CVE-2021-3864 | |\n | | | | CVE-2022-0443 | |\n | | | | CVE-2022-2124 | |\n | | | | CVE-2021-4019 | |\n | | | | CVE-2022-1968 | |\n | | | | CVE-2022-28391 | |\n | | | | CVE-2022-0500 | |\n | | | | CVE-2022-3775 | |\n | | | | CVE-2022-1897 | |\n | | | | CVE-2022-0261 | |\n | | | | CVE-2021-42379 | |\n | | | | CVE-2022-2285 | |\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n | 6 | Medium | DSA-5251-1 | CVE-2022-2929 | isc-dhcp-client-4.4.1-2.3.amd64 < 0:4.4.1-2.3+deb11u1 |\n | | | | CVE-2022-2928 | isc-dhcp-common-4.4.1-2.3.amd64 < 0:4.4.1-2.3+deb11u1 |\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n | 7 | Medium | no advisory | CVE-2019-12380 | avahi-autoipd-0.8-5.amd64 < 0:0.8-5+deb11u1 |\n | | | | CVE-2021-42376 | bash-5.1-2+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-16234 | bluetooth-5.55-3.1.all >= 0:0.0.0 |\n | | | | CVE-2022-3586 | bluez-5.55-3.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2008-5367 | libbluetooth3-5.55-3.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1674 | bsdextrautils-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-31879 | bsdutils-1:2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2018-15919 | eject-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1771 | fdisk-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-36516 | libblkid1-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1280 | libfdisk1-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-3669 | libmount1-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2010-5321 | libsmartcols1-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2007-6755 | libuuid1-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-15719 | mount-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-42374 | util-linux-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-28736 | busybox-1:1.30.1-6+b3.amd64 >= 0:0.0.0 |\n | | | | CVE-2016-9804 | coreutils-8.32-4+b1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-42375 | grub-common-2.04-20.amd64 < 0:2.06-3~deb11u1 |\n | | | | CVE-2021-3696 | grub-pc-2.04-20.amd64 < 0:2.06-3~deb11u1 |\n | | | | CVE-2018-17977 | grub-pc-bin-2.04-20.amd64 < 0:2.06-3~deb11u1 |\n | | | | CVE-2022-0156 | grub2-common-2.04-20.amd64 < 0:2.06-3~deb11u1 |\n | | | | CVE-2022-3542 | initramfs-tools-0.140.all >= 0:0.0.0 |\n | | | | CVE-2016-9799 | initramfs-tools-core-0.140.all >= 0:0.0.0 |\n | | | | CVE-2011-3389 | krb5-locales-1.18.3-6+deb11u1.all < 0:1.18.3-6+deb11u3 |\n | | | | CVE-2020-26555 | libgssapi-krb5-2-1.18.3-6+deb11u1.amd64 < 0:1.18.3-6+deb11u3 |\n | | | | CVE-2019-16229 | libk5crypto3-1.18.3-6+deb11u1.amd64 < 0:1.18.3-6+deb11u3 |\n | | | | CVE-2020-24504 | libkrb5-3-1.18.3-6+deb11u1.amd64 < 0:1.18.3-6+deb11u3 |\n | | | | CVE-2017-16231 | libkrb5support0-1.18.3-6+deb11u1.amd64 < 0:1.18.3-6+deb11u3 |\n | | | | CVE-2021-4193 | libbpf0-1:0.3-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2874 | libc-bin-2.31-13+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2012-4542 | libc-l10n-2.31-13+deb11u3.all >= 0:0.0.0 |\n | | | | CVE-2022-3715 | libc6-2.31-13+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2013-4235 | locales-2.31-13+deb11u3.all >= 0:0.0.0 |\n | | | | CVE-2016-9798 | libcurl3-gnutls-7.74.0-1.3+deb11u2.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-0347 | libexpat1-2.2.10-2+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-22923 | libglib2.0-0-2.66.8-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-14159 | libglib2.0-data-2.66.8-1.all >= 0:0.0.0 |\n | | | | CVE-2021-3468 | libgnutls30-3.7.1-5+deb11u2.amd64 >= 0:0.0.0 |\n | | | | CVE-2008-5366 | libldap-2.4-2-2.4.57+dfsg-3+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2012-0039 | libldap-common-2.4.57+dfsg-3+deb11u1.all >= 0:0.0.0 |\n | | | | CVE-2020-14145 | libnss-systemd-247.3-7.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-18018 | libpam-systemd-247.3-7.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-4415 | libsystemd0-247.3-7.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-44879 | libudev1-247.3-7.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-3502 | systemd-247.3-7.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-4095 | systemd-sysv-247.3-7.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1420 | systemd-timesyncd-247.3-7.amd64 >= 0:0.0.0 |\n | | | | CVE-2016-3709 | udev-247.3-7.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-15794 | libpcre3-2:8.39-13.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0213 | libpng16-16-1.6.37-3.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-42328 | libpolkit-agent-1-0-0.105-31+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-42329 | libpolkit-gobject-1-0-0.105-31+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-42898 | policykit-1-0.105-31+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2015-3276 | libprotobuf-c1-1.3.3-1+b2.amd64 >= 0:0.0.0 |\n | | | | CVE-2011-4917 | libpython3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2010-4756 | libpython3.9-stdlib-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-4189 | python3.9-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-16233 | python3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2231 | libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-4214 | libssl1.1-1.1.1n-0+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2014-9892 | openssl-1.1.1n-0+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2008-4677 | libxml2-2.9.10+dfsg-6.7+deb11u2.amd64 >= 0:0.0.0 |\n | | | | CVE-2008-4996 | linux-image-5.10.0-16-amd64-5.10.127-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-12364 | linux-image-5.10.0-17-amd64-5.10.136-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2598 | linux-image-amd64-5.10.136-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-1000382 | login-1:4.8.1-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-3426 | passwd-1:4.8.1-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2010-0928 | openssh-client-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2097 | openssh-server-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-13084 | openssh-sftp-server-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2008-5135 | os-prober-1.79.amd64 >= 0:0.0.0 |\n | | | | CVE-2016-9803 | ppp-2.4.9-1+1.amd64 >= 0:0.0.0 |\n | | | | CVE-2015-3243 | rsyslog-8.2102.0-2+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-0630 | vim-common-2:8.2.2434-3+deb11u1.all >= 0:0.0.0 |\n | | | | CVE-2007-2768 | vim-tiny-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-45941 | xxd-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2016-10723 | wget-1.21-1+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-3857 | wpasupplicant-2:2.9.0-21.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-3658 | |\n | | | | CVE-2020-26142 | |\n | | | | CVE-2022-2208 | |\n | | | | CVE-2022-2873 | |\n | | | | CVE-2021-45346 | |\n | | | | CVE-2022-4662 | |\n | | | | CVE-2022-0714 | |\n | | | | CVE-2021-4023 | |\n | | | | CVE-2007-5686 | |\n | | | | CVE-2019-6129 | |\n | | | | CVE-2022-3061 | |\n | | | | CVE-2022-0171 | |\n | | | | CVE-2020-12363 | |\n | | | | CVE-2022-33070 | |\n | | | | CVE-2017-13694 | |\n | | | | CVE-2021-3714 | |\n | | | | CVE-2022-1184 | |\n | | | | CVE-2020-26143 | |\n | | | | CVE-2019-1010025 | |\n | | | | CVE-2020-13529 | |\n | | | | CVE-2019-16089 | |\n | | | | CVE-2022-0563 | |\n | | | | CVE-2019-15213 | |\n | | | | CVE-2019-12379 | |\n | | | | CVE-2014-9900 | |\n | | | | CVE-2022-2923 | |\n | | | | CVE-2019-5062 | |\n | | | | CVE-2021-30004 | |\n | | | | CVE-2016-9797 | |\n | | | | CVE-2016-9801 | |\n | | | | CVE-2017-13693 | |\n | | | | CVE-2007-2243 | |\n | | | | CVE-2019-6110 | |\n | | | | CVE-2022-0696 | |\n | | | | CVE-2019-12381 | |\n | | | | CVE-2021-4115 | |\n | | | | CVE-2019-16231 | |\n | | | | CVE-2019-12382 | |\n | | | | CVE-2022-3344 | |\n | | | | CVE-2020-14304 | |\n | | | | CVE-2022-23825 | |\n | | | | CVE-2019-12455 | |\n | | | | CVE-2004-0230 | |\n | | | | CVE-2022-3707 | |\n | | | | CVE-2019-16230 | |\n | | | | CVE-2019-1010024 | |\n | | | | CVE-2020-26140 | |\n | | | | CVE-2016-20012 | |\n | | | | CVE-2021-22922 | |\n | | | | CVE-2021-3759 | |\n | | | | CVE-2022-0480 | |\n | | | | CVE-2011-4916 | |\n | | | | CVE-2005-3660 | |\n | | | | CVE-2010-4563 | |\n | | | | CVE-2016-8660 | |\n | | | | CVE-2008-3234 | |\n | | | | CVE-2013-0340 | |\n | | | | CVE-2019-20794 | |\n | | | | CVE-2016-2781 | |\n | | | | CVE-2019-16232 | |\n | | | | CVE-2021-33061 | |\n | | | | CVE-2022-3628 | |\n | | | | CVE-2018-12928 | |\n | | | | CVE-2022-28735 | |\n | | | | CVE-2018-1121 | |\n | | | | CVE-2022-1462 | |\n | | | | CVE-2022-43552 | |\n | | | | CVE-2016-9800 | |\n | | | | CVE-2019-12378 | |\n | | | | CVE-2021-4149 | |\n | | | | CVE-2011-4915 | |\n | | | | CVE-2020-15802 | |\n | | | | CVE-2021-45940 | |\n | | | | CVE-2022-2153 | |\n | | | | CVE-2022-4543 | |\n | | | | CVE-2021-41229 | |\n | | | | CVE-2008-2544 | |\n | | | | CVE-2016-9802 | |\n | | | | CVE-2022-3606 | |\n | | | | CVE-2022-0400 | |\n | | | | CVE-2022-0319 | |\n | | | | CVE-2022-21505 | |\n | | | | CVE-2021-3733 | |\n | | | | CVE-2021-42373 | |\n | | | | CVE-2021-3695 | |\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n \n\nAnd we can see that the APIs returned different detection results for the DSA/DLA bulletins. The intersection of the sets is empty.\n \n \n **Vulners \u2216 VulnsIO:** 3 {'DLA-3206-1', 'DSA-5287-1', 'DLA-3152-1'}\n **Vulners \u2229 VulnsIO:** 0 set()\n **VulnsIO \u2216 Vulners:** 4 {'DSA-5207-1', 'DSA-5235-1', 'DSA-5236-1', 'DSA-5251-1'}\n\nAt the same time, proofs look convincing at first glance. In this episode, I won't go into why there is such a difference in Debian vulnerability detection results. Perhaps the answer is in the operation of the API, and perhaps in the collection of data from the host. I think we will solve this with colleagues from Vulners and Vulns.io. I'm just pointing out again that vulnerability detection is not that easy and it's good when you can use several independent detection engines and compare the results.\n\n### Docker image \n\nNext, I check the vulnerabilities for the Docker image. It is also based on Debian 11.\n \n \n $ python3.8 scanvus.py --audit-service vulners --assessment-type \"docker_image\" --docker-image \"python:3.9.6-slim-bullseye\"\n /$$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ /$$ /$$/$$ /$$ /$$$$$$$\n /$$_____/ /$$_____/ |____ $$| $$__ $$| $$ /$$/ $$ | $$ /$$_____/\n | $$$$$$ | $$ /$$$$$$$| $$ \\ $$ \\ $$/$$/| $$ | $$| $$$$$$ \n \\____ $$| $$ /$$__ $$| $$ | $$ \\ $$$/ | $$ | $$ \\____ $$\n /$$$$$$$/| $$$$$$$| $$$$$$$| $$ | $$ \\ $/ | $$$$$$/ /$$$$$$$/\n |_______/ \\_______/ \\_______/|__/ |__/ \\_/ \\______/ |_______/ \n Getting assessment target...\n assessment_type: docker_image\n docker_image: python:3.9.6-slim-bullseye\n Getting OS inventory data...\n os_name: debian\n os_version: 11\n package_list_len: 105\n Getting vulnerability data...\n Getting vulnerability report...\n -------------\n Vulnerability Report for python:3.9.6-slim-bullseye (docker_image, debian 11, linux kernel 5.4.0-135-generic, 105 packages)\n 22 vulnerabilities with levels ['Critical', 'High', 'Medium'] were found\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | N | Level | Bulletin | CVE | Proof |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 1 | Critical | DEBIAN:DLA-2904-1:6B1FD | CVE-2021-45960 | libexpat1 2.2.10-2 amd64 < 2.2.10-2+deb11u1 |\n | | | | CVE-2021-46143 | |\n | | | | CVE-2022-22822 | |\n | | | | CVE-2022-22823 | |\n | | | | CVE-2022-22824 | |\n | | | | CVE-2022-22825 | |\n | | | | CVE-2022-22826 | |\n | | | | CVE-2022-22827 | |\n | | | | CVE-2022-23852 | |\n | | | | CVE-2022-23990 | |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 2 | Critical | DEBIAN:DLA-3008-1:E2717 | CVE-2022-1292 | libssl1.1 1.1.1k-1 amd64 < 1.1.1n-0+deb11u2 |\n | | | | | openssl 1.1.1k-1 amd64 < 1.1.1n-0+deb11u2 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 3 | Critical | DEBIAN:DSA-5073-1:5DBA9 | CVE-2021-45960 | libexpat1 2.2.10-2 amd64 < 2.2.10-2+deb11u1 |\n | | | | CVE-2021-46143 | |\n | | | | CVE-2022-22822 | |\n | | | | CVE-2022-22823 | |\n | | | | CVE-2022-22824 | |\n | | | | CVE-2022-22825 | |\n | | | | CVE-2022-22826 | |\n | | | | CVE-2022-22827 | |\n | | | | CVE-2022-23852 | |\n | | | | CVE-2022-23990 | |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 4 | Critical | DEBIAN:DSA-5139-1:0E208 | CVE-2022-1292 | libssl1.1 1.1.1k-1 amd64 < 1.1.1n-0+deb11u2 |\n | | | | | openssl 1.1.1k-1 amd64 < 1.1.1n-0+deb11u2 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 5 | Critical | DEBIAN:DSA-5169-1:87483 | CVE-2022-2068 | libssl1.1 1.1.1k-1 amd64 < 1.1.1n-0+deb11u3 |\n | | | | | openssl 1.1.1k-1 amd64 < 1.1.1n-0+deb11u3 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 6 | High | DEBIAN:DLA-2935-1:EEAAD | CVE-2022-23852 | libexpat1 2.2.10-2 amd64 < 2.2.10-2+deb11u1 |\n | | | | CVE-2022-25235 | |\n | | | | CVE-2022-25236 | |\n | | | | CVE-2022-25313 | |\n | | | | CVE-2022-25315 | |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 7 | High | DEBIAN:DLA-3022-1:26EFE | CVE-2022-1664 | dpkg 1.20.9 amd64 < 1.20.10 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 8 | High | DEBIAN:DLA-3152-1:9B676 | CVE-2016-10228 | libc-bin 2.31-13 amd64 < 2.31-13+deb11u3 |\n | | | | CVE-2019-19126 | libc6 2.31-13 amd64 < 2.31-13+deb11u3 |\n | | | | CVE-2019-25013 | |\n | | | | CVE-2020-10029 | |\n | | | | CVE-2020-1752 | |\n | | | | CVE-2020-27618 | |\n | | | | CVE-2020-6096 | |\n | | | | CVE-2021-27645 | |\n | | | | CVE-2021-3326 | |\n | | | | CVE-2021-33574 | |\n | | | | CVE-2021-35942 | |\n | | | | CVE-2021-3999 | |\n | | | | CVE-2022-23218 | |\n | | | | CVE-2022-23219 | |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 9 | High | DEBIAN:DSA-4963-1:90BFC | CVE-2021-3711 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 |\n | | | | CVE-2021-3712 | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 10 | High | DEBIAN:DSA-4963-1:DA7BC | CVE-2021-3711 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 |\n | | | | CVE-2021-3712 | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 11 | High | DEBIAN:DSA-5085-1:EC5E7 | CVE-2022-25235 | libexpat1 2.2.10-2 amd64 < 2.2.10-2+deb11u2 |\n | | | | CVE-2022-25236 | |\n | | | | CVE-2022-25313 | |\n | | | | CVE-2022-25314 | |\n | | | | CVE-2022-25315 | |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 12 | High | DEBIAN:DSA-5085-2:292DA | CVE-2022-25236 | libexpat1 2.2.10-2 amd64 < 2.2.10-2+deb11u3 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 13 | High | DEBIAN:DSA-5147-1:638F9 | CVE-2022-1664 | dpkg 1.20.9 amd64 < 1.20.10 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 14 | Medium | DEBIAN:DLA-2766-1:9EFDC | CVE-2021-3712 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 |\n | | | | | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 15 | Medium | DEBIAN:DLA-2771-1:D1964 | CVE-2018-20217 | libk5crypto3 1.18.3-6 amd64 < 1.18.3-6+deb11u1 |\n | | | | CVE-2018-5729 | libkrb5-3 1.18.3-6 amd64 < 1.18.3-6+deb11u1 |\n | | | | CVE-2018-5730 | libgssapi-krb5-2 1.18.3-6 amd64 < 1.18.3-6+deb11u1 |\n | | | | CVE-2021-37750 | libkrb5support0 1.18.3-6 amd64 < 1.18.3-6+deb11u1 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 16 | Medium | DEBIAN:DLA-2774-1:D8CE0 | CVE-2021-3712 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 |\n | | | | | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 17 | Medium | DEBIAN:DLA-2952-1:7651B | CVE-2019-1551 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2 |\n | | | | CVE-2022-0778 | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 18 | Medium | DEBIAN:DLA-2953-1:551CB | CVE-2022-0778 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2 |\n | | | | | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 19 | Medium | DEBIAN:DLA-3206-1:5481E | CVE-2019-14870 | libk5crypto3 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2021-3671 | libkrb5-3 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2021-44758 | libgssapi-krb5-2 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-3437 | libkrb5support0 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-41916 | |\n | | | | CVE-2022-42898 | |\n | | | | CVE-2022-44640 | |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 20 | Medium | DEBIAN:DSA-5103-1:C47DD | CVE-2021-4160 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2 |\n | | | | CVE-2022-0778 | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 21 | Medium | DEBIAN:DSA-5174-1:32717 | CVE-2022-34903 | gpgv 2.2.27-2 amd64 < 2.2.27-2+deb11u2 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 22 | Medium | DEBIAN:DSA-5287-1:12BD4 | CVE-2021-3671 | libk5crypto3 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2021-44758 | libkrb5-3 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-3437 | libgssapi-krb5-2 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-41916 | libkrb5support0 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-42898 | |\n | | | | CVE-2022-44640 | |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n \n \n \n $ python3.8 scanvus.py --audit-service vulnsio --assessment-type \"docker_image\" --docker-image \"python:3.9.6-slim-bullseye\" \n /$$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ /$$ /$$/$$ /$$ /$$$$$$$\n /$$_____/ /$$_____/ |____ $$| $$__ $$| $$ /$$/ $$ | $$ /$$_____/\n | $$$$$$ | $$ /$$$$$$$| $$ \\ $$ \\ $$/$$/| $$ | $$| $$$$$$ \n \\____ $$| $$ /$$__ $$| $$ | $$ \\ $$$/ | $$ | $$ \\____ $$\n /$$$$$$$/| $$$$$$$| $$$$$$$| $$ | $$ \\ $/ | $$$$$$/ /$$$$$$$/\n |_______/ \\_______/ \\_______/|__/ |__/ \\_/ \\______/ |_______/ \n Getting assessment target...\n assessment_type: docker_image\n docker_image: python:3.9.6-slim-bullseye\n Getting OS inventory data...\n os_name: debian\n os_version: 11\n package_list_len: 105\n Getting vulnerability data...\n Getting vulnerability report...\n -------------\n Vulnerability Report for python:3.9.6-slim-bullseye (docker_image, debian 11, linux kernel 5.4.0-135-generic, 105 packages)\n 19 vulnerabilities with levels ['Critical', 'High', 'Medium'] were found\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | N | Level | Bulletin | CVE | Proof |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 1 | Critical | DSA-4963-1 | CVE-2021-3711 | libssl1.1-1.1.1k-1.amd64 < 0:1.1.1k-1+deb11u1 |\n | | | | CVE-2021-3712 | openssl-1.1.1k-1.amd64 < 0:1.1.1k-1+deb11u1 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 2 | Critical | DSA-5073-1 | CVE-2022-23852 | libexpat1-2.2.10-2.amd64 < 0:2.2.10-2+deb11u1 |\n | | | | CVE-2022-23990 | |\n | | | | CVE-2021-46143 | |\n | | | | CVE-2022-22824 | |\n | | | | CVE-2022-22827 | |\n | | | | CVE-2021-45960 | |\n | | | | CVE-2022-22822 | |\n | | | | CVE-2022-22825 | |\n | | | | CVE-2022-22823 | |\n | | | | CVE-2022-22826 | |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 3 | Critical | DSA-5085-1 | CVE-2022-25236 | libexpat1-2.2.10-2.amd64 < 0:2.2.10-2+deb11u2 |\n | | | | CVE-2022-25314 | |\n | | | | CVE-2022-25235 | |\n | | | | CVE-2022-25315 | |\n | | | | CVE-2022-25313 | |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 4 | Critical | DSA-5139-1 | CVE-2022-1292 | libssl1.1-1.1.1k-1.amd64 < 0:1.1.1n-0+deb11u2 |\n | | | | | openssl-1.1.1k-1.amd64 < 0:1.1.1n-0+deb11u2 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 5 | Critical | DSA-5147-1 | CVE-2022-1664 | dpkg-1.20.9.amd64 < 0:1.20.10 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 6 | Critical | DSA-5169-1 | CVE-2022-2068 | libssl1.1-1.1.1k-1.amd64 < 0:1.1.1n-0+deb11u3 |\n | | | | | openssl-1.1.1k-1.amd64 < 0:1.1.1n-0+deb11u3 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 7 | Critical | DSA-5218-1 | CVE-2022-37434 | zlib1g-1:1.2.11.dfsg-2.amd64 < 1:1.2.11.dfsg-2+deb11u2 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 8 | Critical | DSA-5236-1 | CVE-2022-40674 | libexpat1-2.2.10-2.amd64 < 0:2.2.10-2+deb11u4 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 9 | Critical | no advisory | CVE-2022-23218 | libc-bin-2.31-13.amd64 < 0:2.31-13+deb11u3 |\n | | | | CVE-2022-46908 | libc6-2.31-13.amd64 < 0:2.31-13+deb11u3 |\n | | | | CVE-2019-1010022 | libdb5.3-5.3.28+dfsg1-0.8.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-23219 | libpcre2-8-0-10.36-2.amd64 < 0:10.36-2+deb11u1 |\n | | | | CVE-2019-8457 | libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-33574 | libtasn1-6-4.16.0-2.amd64 < 0:4.16.0-2+deb11u1 |\n | | | | CVE-2005-2541 | tar-1.34+dfsg-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1587 | |\n | | | | CVE-2022-1586 | |\n | | | | CVE-2021-46848 | |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 10 | High | DSA-5103-1 | CVE-2022-0778 | libssl1.1-1.1.1k-1.amd64 < 0:1.1.1k-1+deb11u2 |\n | | | | CVE-2021-4160 | openssl-1.1.1k-1.amd64 < 0:1.1.1k-1+deb11u2 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 11 | High | DSA-5111-1 | CVE-2018-25032 | zlib1g-1:1.2.11.dfsg-2.amd64 < 1:1.2.11.dfsg-2+deb11u1 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 12 | High | DSA-5122-1 | CVE-2022-1271 | gzip-1.10-4.amd64 < 0:1.10-4+deb11u1 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 13 | High | DSA-5123-1 | CVE-2022-1271 | liblzma5-5.2.5-2.amd64 < 0:5.2.5-2.1~deb11u1 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 14 | High | DSA-5200-1 | CVE-2021-46828 | libtirpc-common-1.3.1-1.all < 0:1.3.1-1+deb11u1 |\n | | | | | libtirpc3-1.3.1-1.amd64 < 0:1.3.1-1+deb11u1 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 15 | High | DSA-5203-1 | CVE-2022-2509 | libgnutls30-3.7.1-5.amd64 < 0:3.7.1-5+deb11u2 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 16 | High | no advisory | CVE-2022-29458 | e2fsprogs-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2018-6829 | libcom-err2-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-43618 | libext2fs2-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-20838 | libss2-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-36690 | logsave-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-19882 | libc-bin-2.31-13.amd64 < 0:2.31-13+deb11u3 |\n | | | | CVE-2011-4116 | libc6-2.31-13.amd64 < 0:2.31-13+deb11u3 |\n | | | | CVE-2022-1304 | libexpat1-2.2.10-2.amd64 < 0:2.2.10-2+deb11u5 |\n | | | | CVE-2017-7246 | libgcrypt20-1.8.7-6.amd64 >= 0:0.0.0 |\n | | | | CVE-2018-20796 | libgmp10-2:6.2.1+dfsg-1.amd64 < 2:6.2.1+dfsg-1+deb11u1 |\n | | | | CVE-2019-1010023 | libgssapi-krb5-2-1.18.3-6.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-39537 | libk5crypto3-1.18.3-6.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-16156 | libkrb5-3-1.18.3-6.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-43680 | libkrb5support0-1.18.3-6.amd64 >= 0:0.0.0 |\n | | | | CVE-2018-5709 | libncursesw6-6.2+20201114-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-9192 | libtinfo6-6.2+20201114-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-3999 | ncurses-base-6.2+20201114-2.all >= 0:0.0.0 |\n | | | | CVE-2017-7245 | ncurses-bin-6.2+20201114-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-11164 | libpcre3-2:8.39-13.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-35737 | libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-43396 | login-1:4.8.1-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-33560 | passwd-1:4.8.1-1.amd64 >= 0:0.0.0 |\n | | | | | perl-base-5.32.1-4+deb11u1.amd64 >= 0:0.0.0 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 17 | Medium | DSA-5055-1 | CVE-2021-3996 | bsdutils-1:2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 |\n | | | | CVE-2021-3995 | libblkid1-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 |\n | | | | | libmount1-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 |\n | | | | | libsmartcols1-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 |\n | | | | | libuuid1-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 |\n | | | | | mount-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 |\n | | | | | util-linux-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 18 | Medium | DSA-5174-1 | CVE-2022-34903 | gpgv-2.2.27-2.amd64 < 0:2.2.27-2+deb11u2 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 19 | Medium | no advisory | CVE-2022-2097 | bash-5.1-2+b3.amd64 >= 0:0.0.0 |\n | | | | CVE-2013-4235 | bsdutils-1:2.36.1-8.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-1010024 | libblkid1-2.36.1-8.amd64 >= 0:0.0.0 |\n | | | | CVE-2010-0928 | libmount1-2.36.1-8.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-4209 | libsmartcols1-2.36.1-8.amd64 >= 0:0.0.0 |\n | | | | CVE-2016-2781 | libuuid1-2.36.1-8.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-16231 | mount-2.36.1-8.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-42898 | util-linux-2.36.1-8.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-18018 | coreutils-8.32-4+b1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-45346 | libc-bin-2.31-13.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-37750 | libc6-2.31-13.amd64 >= 0:0.0.0 |\n | | | | CVE-2007-6755 | libexpat1-2.2.10-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2010-4756 | libgnutls30-3.7.1-5.amd64 >= 0:0.0.0 |\n | | | | CVE-2013-0340 | libgssapi-krb5-2-1.18.3-6.amd64 < 0:1.18.3-6+deb11u1 |\n | | | | CVE-2021-3997 | libk5crypto3-1.18.3-6.amd64 < 0:1.18.3-6+deb11u1 |\n | | | | CVE-2011-3389 | libkrb5-3-1.18.3-6.amd64 < 0:1.18.3-6+deb11u1 |\n | | | | CVE-2022-3715 | libkrb5support0-1.18.3-6.amd64 < 0:1.18.3-6+deb11u1 |\n | | | | CVE-2022-0563 | libpcre3-2:8.39-13.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-13529 | libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-4415 | libssl1.1-1.1.1k-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-1010025 | openssl-1.1.1k-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2007-5686 | libsystemd0-247.3-6.amd64 < 0:247.3-7 |\n | | | | | libudev1-247.3-6.amd64 < 0:247.3-7 |\n | | | | | login-1:4.8.1-1.amd64 >= 0:0.0.0 |\n | | | | | passwd-1:4.8.1-1.amd64 >= 0:0.0.0 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n \n\nIn this case, more vulnerabilities were detected. We can also see a big difference in the results, but there is already some intersection of the sets.\n \n \n **Vulners \u2216 VulnsIO:** 13 {'DSA-5287-1', 'DLA-2771-1', 'DLA-2904-1', 'DLA-3022-1', 'DLA-3206-1', 'DLA-2766-1', 'DLA-2935-1', 'DLA-2774-1', 'DLA-3008-1', 'DLA-3152-1', 'DLA-2953-1', 'DSA-5085-2', 'DLA-2952-1'}\n **Vulners \u2229 VulnsIO:** 8 {'DSA-5147-1', 'DSA-5073-1', 'DSA-5174-1', 'DSA-4963-1', 'DSA-5169-1', 'DSA-5139-1', 'DSA-5085-1', 'DSA-5103-1'}\n **VulnsIO \u2216 Vulners:** 8 {'DSA-5111-1', 'DSA-5055-1', 'DSA-5123-1', 'DSA-5122-1', 'DSA-5236-1', 'DSA-5203-1', 'DSA-5218-1', 'DSA-5200-1'}\n\nWe can look at one bulletin that was detected by two APIs.\n\nVulners:\n \n \n | 13 | High | DEBIAN:DSA-5147-1:638F9 | CVE-2022-1664 | dpkg 1.20.9 amd64 < 1.20.10 |\n\nVulns.io:\n \n \n | 5 | Critical | DSA-5147-1 | CVE-2022-1664 | dpkg-1.20.9.amd64 < 0:1.20.10 |\n\nAs you can see from the proofs, the detection criteria are the same. And this is good. I would also like to draw attention to the different values of the criticality level for the bulletin. [Debian does not provide](<https://www.debian.org/security/2022/dsa-5147>) a this criticality level, apparently it is calculated by the vendors based on CVSS, but in different ways. \n\n## What's next?\n\nAs we can see, support for the Vulners.com and Vulns.io APIs in Scanvus opens up new opportunities for testing the correctness of the detection for all supported Linux distributions.\n\nCurrently, support for the Vulners.com API and support for the Vulns.io API are implemented equally, but they are implemented independently. The bash inventory scripts for each of the APIs are different. Two independent reporting functions are also used. It seems right to **unify the inventory script** so that the same inventory results can be checked with Vulners.com and Vulns.io. It also seems right to create a **single format for presenting detection results** and convert raw results from APIs into this format. This format could be used for reporting and further integrations. In this way, it will be possible to debug the scheme for adding new APIs to Scanvus.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-12-30T18:03:13", "type": "avleonov", "title": "Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2004-0230", "CVE-2005-2541", "CVE-2005-3660", "CVE-2007-2243", "CVE-2007-2768", "CVE-2007-5686", "CVE-2007-6755", "CVE-2008-2544", "CVE-2008-3234", "CVE-2008-4609", "CVE-2008-4677", "CVE-2008-4996", "CVE-2008-5135", "CVE-2008-5366", "CVE-2008-5367", "CVE-2010-0928", "CVE-2010-4563", "CVE-2010-4756", "CVE-2010-5321", "CVE-2011-3389", "CVE-2011-4116", "CVE-2011-4915", "CVE-2011-4916", "CVE-2011-4917", "CVE-2012-0039", "CVE-2012-2663", "CVE-2012-4542", "CVE-2013-0340", "CVE-2013-4235", "CVE-2013-7445", "CVE-2014-9892", "CVE-2014-9900", "CVE-2015-20107", "CVE-2015-3243", "CVE-2015-3276", "CVE-2016-10228", "CVE-2016-10723", "CVE-2016-1585", "CVE-2016-20012", "CVE-2016-2568", "CVE-2016-2781", "CVE-2016-3709", "CVE-2016-8660", "CVE-2016-9797", "CVE-2016-9798", "CVE-2016-9799", "CVE-2016-9800", "CVE-2016-9801", "CVE-2016-9802", "CVE-2016-9803", "CVE-2016-9804", "CVE-2016-9917", "CVE-2016-9918", "CVE-2017-0630", "CVE-2017-1000382", "CVE-2017-11164", "CVE-2017-13084", "CVE-2017-13693", "CVE-2017-13694", "CVE-2017-14159", "CVE-2017-15131", "CVE-2017-16231", "CVE-2017-17740", "CVE-2017-18018", "CVE-2017-7245", "CVE-2017-7246", "CVE-2018-1000500", "CVE-2018-1121", "CVE-2018-12928", "CVE-2018-15919", "CVE-2018-17977", "CVE-2018-20217", "CVE-2018-20796", "CVE-2018-25032", "CVE-2018-5709", "CVE-2018-5729", "CVE-2018-5730", "CVE-2018-6829", "CVE-2018-7738", "CVE-2019-1010022", "CVE-2019-1010023", "CVE-2019-1010024", "CVE-2019-1010025", "CVE-2019-12378", "CVE-2019-12379", "CVE-2019-12380", "CVE-2019-12381", "CVE-2019-12382", "CVE-2019-12455", "CVE-2019-12456", "CVE-2019-14870", "CVE-2019-15213", "CVE-2019-15232", "CVE-2019-1551", "CVE-2019-15794", "CVE-2019-16089", "CVE-2019-16229", "CVE-2019-16230", "CVE-2019-16231", "CVE-2019-16232", "CVE-2019-16233", "CVE-2019-16234", "CVE-2019-19070", "CVE-2019-19126", "CVE-2019-19378", "CVE-2019-19449", "CVE-2019-19814", "CVE-2019-19882", "CVE-2019-20794", "CVE-2019-20838", "CVE-2019-25013", "CVE-2019-5062", "CVE-2019-6110", "CVE-2019-6129", "CVE-2019-8457", "CVE-2019-9192", "CVE-2020-0347", "CVE-2020-10029", "CVE-2020-11725", "CVE-2020-12362", "CVE-2020-12363", "CVE-2020-12364", "CVE-2020-12389", "CVE-2020-12390", "CVE-2020-13529", "CVE-2020-13576", "CVE-2020-14145", "CVE-2020-14304", "CVE-2020-15719", "CVE-2020-15778", "CVE-2020-15802", "CVE-2020-16156", "CVE-2020-1752", "CVE-2020-24504", "CVE-2020-26140", "CVE-2020-26142", "CVE-2020-26143", "CVE-2020-26555", "CVE-2020-26557", "CVE-2020-26559", "CVE-2020-26560", "CVE-2020-26972", "CVE-2020-27618", "CVE-2020-27619", "CVE-2020-36325", "CVE-2020-36516", "CVE-2020-6096", "CVE-2021-21240", "CVE-2021-21783", "CVE-2021-22922", "CVE-2021-22923", "CVE-2021-26934", "CVE-2021-27645", "CVE-2021-28831", "CVE-2021-28861", "CVE-2021-29462", "CVE-2021-29921", "CVE-2021-30004", "CVE-2021-30475", "CVE-2021-31879", "CVE-2021-32078", "CVE-2021-33061", "CVE-2021-3326", "CVE-2021-33560", "CVE-2021-33574", "CVE-2021-3426", "CVE-2021-3468", "CVE-2021-3502", "CVE-2021-35942", "CVE-2021-3658", "CVE-2021-3669", "CVE-2021-36690", "CVE-2021-3671", "CVE-2021-3695", "CVE-2021-3696", "CVE-2021-3697", "CVE-2021-3711", "CVE-2021-3712", "CVE-2021-3714", "CVE-2021-3733", "CVE-2021-3737", "CVE-2021-3759", "CVE-2021-3773", "CVE-2021-37750", "CVE-2021-38185", "CVE-2021-3847", "CVE-2021-3864", "CVE-2021-3872", "CVE-2021-3903", "CVE-2021-3927", "CVE-2021-3928", "CVE-2021-39537", "CVE-2021-3968", "CVE-2021-39686", "CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-3995", "CVE-2021-3996", "CVE-2021-3997", "CVE-2021-3999", "CVE-2021-4019", "CVE-2021-4023", "CVE-2021-4037", "CVE-2021-4069", "CVE-2021-4115", "CVE-2021-41229", "CVE-2021-4136", "CVE-2021-4149", "CVE-2021-4160", "CVE-2021-41617", "CVE-2021-4166", "CVE-2021-4173", "CVE-2021-4187", "CVE-2021-4189", "CVE-2021-4192", "CVE-2021-4193", "CVE-2021-4204", "CVE-2021-4209", "CVE-2021-4214", "CVE-2021-42373", "CVE-2021-42374", "CVE-2021-42375", "CVE-2021-42376", "CVE-2021-42377", "CVE-2021-42378", "CVE-2021-42379", "CVE-2021-42380", "CVE-2021-42381", "CVE-2021-42382", "CVE-2021-42383", "CVE-2021-42384", "CVE-2021-42385", "CVE-2021-42386", "CVE-2021-43396", "CVE-2021-43400", "CVE-2021-43618", "CVE-2021-44758", "CVE-2021-44879", "CVE-2021-45346", "CVE-2021-45940", "CVE-2021-45941", "CVE-2021-45951", "CVE-2021-45952", "CVE-2021-45953", "CVE-2021-45954", "CVE-2021-45955", "CVE-2021-45956", "CVE-2021-45957", "CVE-2021-45960", "CVE-2021-46143", "CVE-2021-46828", "CVE-2021-46848", "CVE-2022-0156", "CVE-2022-0171", "CVE-2022-0204", "CVE-2022-0213", "CVE-2022-0261", "CVE-2022-0318", "CVE-2022-0319", "CVE-2022-0351", "CVE-2022-0359", "CVE-2022-0361", "CVE-2022-0368", "CVE-2022-0391", "CVE-2022-0392", "CVE-2022-0393", "CVE-2022-0400", "CVE-2022-0407", "CVE-2022-0408", "CVE-2022-0413", "CVE-2022-0417", "CVE-2022-0443", "CVE-2022-0480", "CVE-2022-0500", "CVE-2022-0554", "CVE-2022-0563", "CVE-2022-0572", "CVE-2022-0629", "CVE-2022-0685", "CVE-2022-0696", "CVE-2022-0714", "CVE-2022-0729", "CVE-2022-0778", "CVE-2022-0934", "CVE-2022-0943", "CVE-2022-1154", "CVE-2022-1184", "CVE-2022-1247", "CVE-2022-1253", "CVE-2022-1271", "CVE-2022-1280", "CVE-2022-1292", "CVE-2022-1304", "CVE-2022-1420", "CVE-2022-1462", "CVE-2022-1586", "CVE-2022-1587", "CVE-2022-1616", "CVE-2022-1619", "CVE-2022-1620", "CVE-2022-1621", "CVE-2022-1629", "CVE-2022-1664", "CVE-2022-1674", "CVE-2022-1679", "CVE-2022-1720", "CVE-2022-1733", "CVE-2022-1735", "CVE-2022-1769", "CVE-2022-1771", "CVE-2022-1785", "CVE-2022-1796", "CVE-2022-1851", "CVE-2022-1882", "CVE-2022-1886", "CVE-2022-1897", "CVE-2022-1898", "CVE-2022-1927", "CVE-2022-1942", "CVE-2022-1968", "CVE-2022-2000", "CVE-2022-2042", "CVE-2022-2068", "CVE-2022-2097", "CVE-2022-2124", "CVE-2022-2125", "CVE-2022-2126", "CVE-2022-2129", "CVE-2022-21505", "CVE-2022-2153", "CVE-2022-2175", "CVE-2022-2182", "CVE-2022-2183", "CVE-2022-2206", "CVE-2022-2207", "CVE-2022-2208", "CVE-2022-2210", "CVE-2022-2231", "CVE-2022-2257", "CVE-2022-2264", "CVE-2022-22822", "CVE-2022-22823", "CVE-2022-22824", "CVE-2022-22825", "CVE-2022-22826", "CVE-2022-22827", "CVE-2022-2284", "CVE-2022-2285", "CVE-2022-2286", "CVE-2022-2287", "CVE-2022-2289", "CVE-2022-2304", "CVE-2022-23218", "CVE-2022-23219", "CVE-2022-23303", "CVE-2022-23304", "CVE-2022-2343", "CVE-2022-2344", "CVE-2022-2345", "CVE-2022-23816", "CVE-2022-23825", "CVE-2022-23852", "CVE-2022-23990", "CVE-2022-24791", "CVE-2022-2509", "CVE-2022-2522", "CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25265", "CVE-2022-25313", "CVE-2022-25314", "CVE-2022-25315", "CVE-2022-2571", "CVE-2022-2581", "CVE-2022-2585", "CVE-2022-2586", "CVE-2022-2588", "CVE-2022-2598", "CVE-2022-2602", "CVE-2022-26373", "CVE-2022-2795", "CVE-2022-2816", "CVE-2022-2817", "CVE-2022-2819", "CVE-2022-28391", "CVE-2022-2845", "CVE-2022-2849", "CVE-2022-2862", "CVE-2022-2873", "CVE-2022-28733", "CVE-2022-28734", "CVE-2022-28735", "CVE-2022-28736", "CVE-2022-2874", "CVE-2022-2889", "CVE-2022-2923", "CVE-2022-2928", "CVE-2022-2929", "CVE-2022-29458", "CVE-2022-2946", "CVE-2022-29900", "CVE-2022-29901", "CVE-2022-30065", "CVE-2022-3061", "CVE-2022-3080", "CVE-2022-3176", "CVE-2022-31782", "CVE-2022-3297", "CVE-2022-33070", "CVE-2022-3344", "CVE-2022-3424", "CVE-2022-3437", "CVE-2022-34903", "CVE-2022-3491", "CVE-2022-3534", "CVE-2022-3542", "CVE-2022-35737", "CVE-2022-3586", "CVE-2022-3606", "CVE-2022-3628", "CVE-2022-36879", "CVE-2022-36946", "CVE-2022-3707", "CVE-2022-3715", "CVE-2022-37434", "CVE-2022-37454", "CVE-2022-3775", "CVE-2022-38177", "CVE-2022-38178", "CVE-2022-3857", "CVE-2022-40674", "CVE-2022-4095", "CVE-2022-4139", "CVE-2022-41916", "CVE-2022-42328", "CVE-2022-42329", "CVE-2022-42898", "CVE-2022-42919", "CVE-2022-43551", "CVE-2022-43552", "CVE-2022-43680", "CVE-2022-4378", "CVE-2022-4415", "CVE-2022-44640", "CVE-2022-4543", "CVE-2022-4662", "CVE-2022-46908"], "modified": "2022-12-30T18:03:13", "id": "AVLEONOV:317FBD7DA93C95993A9FFF38FB04A987", "href": "https://avleonov.com/2022/12/30/scanvus-now-supports-vulners-and-vulns-io-vm-linux-vulnerability-detection-apis/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}

About the security content of macOS Big Sur 11.6.8

Description

Affected Software

Related