Lucene search

[email protected]NVD:CVE-2022-32886

HistorySep 20, 2022 - 9:15 p.m.

CVE-2022-32886

2022-09-2021:15:11

CWE-787

[email protected]

web.nvd.nist.gov

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.003 Low

EPSS

Percentile

70.9%

JSON

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution.

Affected configurations

NVD

Node

applesafariRange<16.0

appleipadosRange<15.7

appleiphone_osRange<15.7

Node

fedoraprojectfedoraMatch35

fedoraprojectfedoraMatch36

fedoraprojectfedoraMatch37

Node

debiandebian_linuxMatch10.0

debiandebian_linuxMatch11.0

References

seclists.org/fulldisclosure/2022/Oct/28

seclists.org/fulldisclosure/2022/Oct/39

seclists.org/fulldisclosure/2022/Oct/41

lists.debian.org/debian-lts-announce/2022/09/msg00034.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74MXH2U5GA4CX3L3NLYP4TBO4O2VOPBJ/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KDV6OLKDTL55NH4LNSMLQ4D6LLSX6JU2/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDNT32WIARRD2ANWKGCTTIQXI6OII7HZ/

security.gentoo.org/glsa/202305-32

support.apple.com/en-us/HT213442

support.apple.com/en-us/HT213445

support.apple.com/en-us/HT213446

www.debian.org/security/2022/dsa-5240

www.debian.org/security/2022/dsa-5241

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.003 Low

EPSS

Percentile

70.9%

JSON

Related for NVD:CVE-2022-32886

ubuntu1 prion1 debian3 nessus23 osv6 redhatcve1 cvelist1 debiancve1 ubuntucve1 openvas19 cve1 suse2 fedora2 mageia1 apple6 almalinux2 oraclelinux2 redhat2 gentoo1