Lucene search

K
cvelistAppleCVELIST:CVE-2022-22589
HistoryMar 18, 2022 - 5:59 p.m.

CVE-2022-22589

2022-03-1817:59:18
apple
www.cve.org

6.5 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.9%

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javascript.

CNA Affected

[
  {
    "product": "iOS and iPadOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "15.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "macOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "12.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "tvOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "15.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "tvOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "15.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "watchOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "8.4",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]