Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2022-32792
HistorySep 23, 2022 - 7:15 p.m.

CVE-2022-32792

2022-09-2319:15:12
Debian Security Bug Tracker
security-tracker.debian.org
27
out-of-bounds write
input validation
ios 15.6
ipados 15.6
watchos 8.7
tvos 15.6
macos monterey 12.5
safari 15.6
arbitrary code execution
maliciously crafted web content
cve-2022-32792
unix

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

70.5%

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution.

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

70.5%