8.8

CVE-2022-32886

EPSS 0.43%
Published 20.09.2022 21:15:11
Last modified 29.05.2025 15:15:21
Source product-security@apple.com
Teams watchlist Login
Open Login

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution.

Affected products Warnungen 0 Metrics 3 CWE 1 References 16

Data is provided by the National Vulnerability Database (NVD)

Apple ≫ Safari Version < 16.0

Apple ≫ iPadOS Version < 15.7

Apple ≫ iPhone OS Version < 15.7

Fedoraproject ≫ Fedora Version35

Fedoraproject ≫ Fedora Version36

Fedoraproject ≫ Fedora Version37

Debian ≫ Debian Linux Version10.0

Debian ≫ Debian Linux Version11.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.43%	0.616

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

http://seclists.org/fulldisclosure/2022/Oct/28

http://seclists.org/fulldisclosure/2022/Oct/39

http://seclists.org/fulldisclosure/2022/Oct/41

Third Party Advisory

Mailing List

https://support.apple.com/en-us/HT213445

Vendor Advisory

Release Notes

https://support.apple.com/en-us/HT213446

Vendor Advisory

Release Notes

https://support.apple.com/en-us/HT213442

Vendor Advisory

Release Notes

https://lists.debian.org/debian-lts-announce/2022/09/msg00034.html

Third Party Advisory

Mailing List

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74MXH2U5GA4CX3L3NLYP4TBO4O2VOPBJ/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KDV6OLKDTL55NH4LNSMLQ4D6LLSX6JU2/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDNT32WIARRD2ANWKGCTTIQXI6OII7HZ/

https://security.gentoo.org/glsa/202305-32

https://www.debian.org/security/2022/dsa-5240

Third Party Advisory

Mailing List

https://www.debian.org/security/2022/dsa-5241

Third Party Advisory

Mailing List

https://nvd.nist.gov/vuln/detail/CVE-2022-32886

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-32886

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-32886

EUVD