4.3

CVE-2022-46705

EPSS 0.11%
Veröffentlicht 27.02.2023 20:15:12
Zuletzt bearbeitet 21.11.2024 07:30:56
Quelle product-security@apple.com
Teams Watchlist Login
Unerledigt Login

A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, Safari 16.2. Visiting a malicious website may lead to address bar spoofing.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 11

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Apple ≫ Safari Version < 16.2

Apple ≫ iPadOS Version < 15.7.2

Apple ≫ iPadOS Version >= 16.0 < 16.2

Apple ≫ iPhone OS Version < 15.7.2

Apple ≫ iPhone OS Version >= 16.0 < 16.2

Apple ≫ macOS Version < 13.1

Apple ≫ tvOS Version < 16.2

Apple ≫ watchOS Version < 9.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.11%	0.293

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

https://support.apple.com/kb/HT213531

Vendor Advisory

https://support.apple.com/kb/HT213535

Vendor Advisory

https://support.apple.com/kb/HT213536

Vendor Advisory

https://support.apple.com/en-us/HT213532

Vendor Advisory

Release Notes

https://support.apple.com/en-us/HT213530

Vendor Advisory

Release Notes

https://support.apple.com/en-us/HT213537

Vendor Advisory

Release Notes

http://www.openwall.com/lists/oss-security/2023/11/15/1

Third Party Advisory

Mailing List

https://support.apple.com/kb/HT213676

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-46705

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-46705

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-46705

EUVD