6.1

CVE-2022-32891

The issue was addressed with improved UI handling. This issue is fixed in Safari 16, tvOS 16, watchOS 9, iOS 16. Visiting a website that frames malicious content may lead to UI spoofing.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleSafari Version < 16.0
AppleiPhone OS Version < 16.0
AppletvOS Version < 16.0
ApplewatchOS Version < 9.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.71% 0.484
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.1 2.8 2.7
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CWE-1021 Improper Restriction of Rendered UI Layers or Frames

The web application does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain.

https://support.apple.com/en-us/HT213446
Vendor Advisory
https://support.apple.com/en-us/HT213442
Vendor Advisory
https://security.gentoo.org/glsa/202305-32
https://support.apple.com/en-us/HT213486
Vendor Advisory
https://support.apple.com/en-us/HT213487
Vendor Advisory