6.1

CVE-2022-42799

The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface spoofing.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleSafari Version < 16.1
AppleiPadOS Version < 16.0
AppleiPhone OS Version < 16.1
ApplemacOS Version < 13.0
AppletvOS Version < 16.1
ApplewatchOS Version < 9.1
FedoraprojectFedora Version35
FedoraprojectFedora Version36
FedoraprojectFedora Version37
DebianDebian Linux Version10.0
DebianDebian Linux Version11.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.19% 0.639
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.1 2.8 2.7
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.1 2.8 2.7
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CWE-1021 Improper Restriction of Rendered UI Layers or Frames

The web application does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain.

https://security.gentoo.org/glsa/202305-32
https://support.apple.com/en-us/HT213488
Vendor Advisory
Release Notes
http://www.openwall.com/lists/oss-security/2022/11/04/4
Third Party Advisory
Mailing List
https://support.apple.com/en-us/HT213489
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT213495
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT213491
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT213492
Vendor Advisory
Release Notes
https://lists.debian.org/debian-lts-announce/2022/11/msg00010.html
Third Party Advisory
Mailing List
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LF4LYP725XZ7RWOPFUV6DGPN4Q5DUU4/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AQKLEGJK3LHAKUQOLBHNR2DI3IUGLLTY/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JOFKX6BUEJFECSVFV6P5INQCOYQBB4NZ/
https://www.debian.org/security/2022/dsa-5273
Third Party Advisory
https://www.debian.org/security/2022/dsa-5274
Third Party Advisory