CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-42808
https://notcve.org/view.php?id=CVE-2022-42808
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. A remote user may be able to cause kernel code execution. Se solucionó un problema de escritura fuera de los límites mejorando la verificación de los límites. Este problema se solucionó en tvOS 16.1, iOS 16.1 y iPadOS 16, macOS Ventura 13, watchOS 9.1. • https://support.apple.com/en-us/HT213488 https://support.apple.com/en-us/HT213489 https://support.apple.com/en-us/HT213491 https://support.apple.com/en-us/HT213492 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-42811
https://notcve.org/view.php?id=CVE-2022-42811
An access issue was addressed with additional sandbox restrictions. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to access user-sensitive data. Se solucionó un problema de acceso con restricciones adicionales de la zona de pruebas. Este problema se solucionó en tvOS 16.1, iOS 16.1 y iPadOS 16, macOS Ventura 13, watchOS 9.1. • https://support.apple.com/en-us/HT213488 https://support.apple.com/en-us/HT213489 https://support.apple.com/en-us/HT213491 https://support.apple.com/en-us/HT213492 •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-42813
https://notcve.org/view.php?id=CVE-2022-42813
A certificate validation issue existed in the handling of WKWebView. This issue was addressed with improved validation. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. Processing a maliciously crafted certificate may lead to arbitrary code execution. Existía un problema de validación de certificados en el manejo de WKWebView. • https://support.apple.com/en-us/HT213488 https://support.apple.com/en-us/HT213489 https://support.apple.com/en-us/HT213491 https://support.apple.com/en-us/HT213492 • CWE-295: Improper Certificate Validation •
CVSS: 6.1EPSS: 0%CPEs: 11EXPL: 0CVE-2022-42799 – webkitgtk: issue was addressed with improved UI handling
https://notcve.org/view.php?id=CVE-2022-42799
The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface spoofing. El problema se solucionó mejorando el manejo de la interfaz de usuario. Este problema se solucionó en tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 y iPadOS 16. • http://www.openwall.com/lists/oss-security/2022/11/04/4 https://lists.debian.org/debian-lts-announce/2022/11/msg00010.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LF4LYP725XZ7RWOPFUV6DGPN4Q5DUU4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AQKLEGJK3LHAKUQOLBHNR2DI3IUGLLTY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JOFKX6BUEJFECSVFV6P5INQCOYQBB4NZ https://security.gentoo.org/glsa/202 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2022-42823 – webkitgtk: type confusion issue leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-42823
A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may lead to arbitrary code execution. Se solucionó un problema de confusión de tipos mejorando el manejo de la memoria. Este problema se solucionó en tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 y iPadOS 16. • http://www.openwall.com/lists/oss-security/2022/11/04/4 https://lists.debian.org/debian-lts-announce/2022/11/msg00010.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LF4LYP725XZ7RWOPFUV6DGPN4Q5DUU4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AQKLEGJK3LHAKUQOLBHNR2DI3IUGLLTY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JOFKX6BUEJFECSVFV6P5INQCOYQBB4NZ https://security.gentoo.org/glsa/202 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •