CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-22637 – webkitgtk: logic issue was addressed with improved state management
https://notcve.org/view.php?id=CVE-2022-22637
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4 and iPadOS 15.4, tvOS 15.4. A malicious website may cause unexpected cross-origin behavior. Se abordó un problema de lógica con una administración de estados mejorada. Este problema ha sido corregido en macOS Monterey versión 12.3, Safari versión 15.4, watchOS versión 8.5, iOS versión 15.4 y iPadOS versión 15.4, tvOS versión 15.4. • https://support.apple.com/en-us/HT213182 https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213186 https://support.apple.com/en-us/HT213187 https://support.apple.com/en-us/HT213193 https://access.redhat.com/security/cve/CVE-2022-22637 https://bugzilla.redhat.com/show_bug.cgi?id=2073903 •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-22610
https://notcve.org/view.php?id=CVE-2022-22610
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to code execution. Se abordó un problema de corrupción de memoria con una administración de estados mejorada. Este problema ha sido corregido en macOS Monterey versión 12.3, Safari versión 15.4, watchOS versión 8.5, iOS versión 15.4 y iPadOS versión 15.4, tvOS versión 15.4. • https://support.apple.com/en-us/HT213182 https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213186 https://support.apple.com/en-us/HT213187 https://support.apple.com/en-us/HT213193 • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2022-22670
https://notcve.org/view.php?id=CVE-2022-22670
An access issue was addressed with improved access restrictions. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, watchOS 8.5. A malicious application may be able to identify what other applications a user has installed. Se abordó un problema de acceso con las restricciones de acceso mejoradas. Este problema es corregido en tvOS versión 15.4, iOS versión 15.4 y iPadOS versión 15.4, watchOS versión 8.5. • https://support.apple.com/en-us/HT213182 https://support.apple.com/en-us/HT213186 https://support.apple.com/en-us/HT213193 •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-22609
https://notcve.org/view.php?id=CVE-2022-22609
The issue was addressed with additional permissions checks. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. A malicious application may be able to read other applications' settings. Este problema se abordó con comprobaciones de permisos adicionales. Este problema es corregido en tvOS versión 15.4, iOS versión 15.4 y iPadOS versión 15.4, macOS Monterey versión 12.3, watchOS versión 8.5. • https://support.apple.com/en-us/HT213182 https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213186 https://support.apple.com/en-us/HT213193 •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-22628 – webkitgtk: Use-after-free leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-22628
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de uso de memoria previamente liberada con una administración de memoria mejorada. Este problema ha sido corregido en macOS Monterey versión 12.3, Safari versión 15.4, watchOS versión 8.5, iOS versión 15.4 y iPadOS versión 15.4, tvOS versión 15.4. • https://support.apple.com/en-us/HT213182 https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213186 https://support.apple.com/en-us/HT213187 https://support.apple.com/en-us/HT213193 https://access.redhat.com/security/cve/CVE-2022-22628 https://bugzilla.redhat.com/show_bug.cgi?id=2073896 • CWE-416: Use After Free •