4.3

CVE-2022-46705

EPSS 0.11%
Published 27.02.2023 20:15:12
Last modified 21.11.2024 07:30:56
Source product-security@apple.com
Teams watchlist Login
Open Login

A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, Safari 16.2. Visiting a malicious website may lead to address bar spoofing.

Affected products Warnungen 0 Metrics 2 CWE 0 References 11

Data is provided by the National Vulnerability Database (NVD)

Apple ≫ Safari Version < 16.2

Apple ≫ iPadOS Version < 15.7.2

Apple ≫ iPadOS Version >= 16.0 < 16.2

Apple ≫ iPhone OS Version < 15.7.2

Apple ≫ iPhone OS Version >= 16.0 < 16.2

Apple ≫ macOS Version < 13.1

Apple ≫ tvOS Version < 16.2

Apple ≫ watchOS Version < 9.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.11%	0.293

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

https://support.apple.com/kb/HT213531

Vendor Advisory

https://support.apple.com/kb/HT213535

Vendor Advisory

https://support.apple.com/kb/HT213536

Vendor Advisory

https://support.apple.com/en-us/HT213532

Vendor Advisory

Release Notes

https://support.apple.com/en-us/HT213530

Vendor Advisory

Release Notes

https://support.apple.com/en-us/HT213537

Vendor Advisory

Release Notes

http://www.openwall.com/lists/oss-security/2023/11/15/1

Third Party Advisory

Mailing List

https://support.apple.com/kb/HT213676

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-46705

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-46705

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-46705

EUVD