CVE-2022-32888
webkitgtk: out-of-bounds write issue was addressed with improved bounds checking
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. Processing maliciously crafted web content may lead to arbitrary code execution.
Se solucionó un problema de escritura fuera de límites mejorando la verificación de límites. Este problema se solucionó en macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 y iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. El procesamiento de contenido web creado con fines malintencionados puede provocar la ejecución de código arbitrario.
A vulnerability was found in webkitgtk, where an out-of-bounds read was addressed with improved bounds checking. Processing maliciously crafted web content may lead to arbitrary code execution.
Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-06-09 CVE Reserved
- 2022-10-31 CVE Published
- 2024-08-03 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2022/11/04/4 | Mailing List |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://security.gentoo.org/glsa/202305-32 | 2023-05-30 | |
| https://support.apple.com/en-us/HT213443 | 2023-05-30 | |
| https://support.apple.com/en-us/HT213444 | 2023-05-30 | |
| https://support.apple.com/en-us/HT213445 | 2023-05-30 | |
| https://support.apple.com/en-us/HT213446 | 2023-05-30 | |
| https://support.apple.com/en-us/HT213486 | 2023-05-30 | |
| https://support.apple.com/en-us/HT213487 | 2023-05-30 | |
| https://support.apple.com/en-us/HT213488 | 2023-05-30 | |
| https://access.redhat.com/security/cve/CVE-2022-32888 | 2023-05-16 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2140501 | 2023-05-16 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Apple Search vendor "Apple" | Ipados Search vendor "Apple" for product "Ipados" | < 15.7 Search vendor "Apple" for product "Ipados" and version " < 15.7" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | < 15.7 Search vendor "Apple" for product "Iphone Os" and version " < 15.7" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Macos Search vendor "Apple" for product "Macos" | >= 11.0 < 11.7 Search vendor "Apple" for product "Macos" and version " >= 11.0 < 11.7" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Macos Search vendor "Apple" for product "Macos" | >= 12.0.0 < 12.6 Search vendor "Apple" for product "Macos" and version " >= 12.0.0 < 12.6" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Tvos Search vendor "Apple" for product "Tvos" | < 16.0 Search vendor "Apple" for product "Tvos" and version " < 16.0" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Watchos Search vendor "Apple" for product "Watchos" | < 9.0 Search vendor "Apple" for product "Watchos" and version " < 9.0" | - |
Affected
| ||||||