6.1
CVE-2022-42799
- EPSS 1.19%
- Veröffentlicht 01.11.2022 20:15:22
- Zuletzt bearbeitet 05.05.2025 17:18:18
- Quelle product-security@apple.com
- CVE-Watchlists
- Unerledigt
The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface spoofing.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Fedoraproject ≫ Fedora Version35
Fedoraproject ≫ Fedora Version36
Fedoraproject ≫ Fedora Version37
Debian ≫ Debian Linux Version10.0
Debian ≫ Debian Linux Version11.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.19% | 0.639 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.1 | 2.8 | 2.7 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.1 | 2.8 | 2.7 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
CWE-1021 Improper Restriction of Rendered UI Layers or Frames
The web application does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain.
https://security.gentoo.org/glsa/202305-32
https://support.apple.com/en-us/HT213488
http://www.openwall.com/lists/oss-security/2022/11/04/4
https://support.apple.com/en-us/HT213489
https://support.apple.com/en-us/HT213495
https://support.apple.com/en-us/HT213491
https://support.apple.com/en-us/HT213492
https://lists.debian.org/debian-lts-announce/2022/11/msg00010.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LF4LYP725XZ7RWOPFUV6DGPN4Q5DUU4/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AQKLEGJK3LHAKUQOLBHNR2DI3IUGLLTY/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JOFKX6BUEJFECSVFV6P5INQCOYQBB4NZ/
https://www.debian.org/security/2022/dsa-5273
https://www.debian.org/security/2022/dsa-5274