CVE-2022-22589

Published: Mar 18, 2022Modified: Nov 21, 2024

6.1

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Exploitability: 2.8 / Impact: 2.7

Source: NVD

Description

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javascript.

Affected (22)

Products: Apple: Ipados, Iphone Os, Mac Os X, Macos, Safari, Tvos, Watchos

7 products

Configuration A

22 vulnerable

Vulnerable Software	Affected Versions
Apple Ipados	Before 15.3
Apple Iphone Os	Before 15.3
Apple Mac Os X	From 10.15 to 10.15.7
Apple Mac Os X	Version 10.15.7
Apple Mac Os X	Version 10.15.7 security_update_2020-001
Apple Mac Os X	Version 10.15.7 security_update_2020-005
Apple Mac Os X	Version 10.15.7 security_update_2020-007
Apple Mac Os X	Version 10.15.7 security_update_2020
Apple Mac Os X	Version 10.15.7 security_update_2021-001
Apple Mac Os X	Version 10.15.7 security_update_2021-002
Apple Mac Os X	Version 10.15.7 security_update_2021-003
Apple Mac Os X	Version 10.15.7 security_update_2021-006
Apple Mac Os X	Version 10.15.7 security_update_2021-007
Apple Mac Os X	Version 10.15.7 security_update_2021-008
Apple Mac Os X	Version 10.15.7 security_update_2022-001
Apple Mac Os X	Version 10.15.7 security_update_2022-002
Apple Mac Os X	Version 10.15.7 supplemental_update
Apple Macos	From 11.0 to 11.6.6
Apple Macos	From 12.0.0 to 12.2
Apple Safari	Before 15.3
Apple Tvos	Before 15.3
Apple Watchos	Before 8.4

References (22)

http://seclists.org/fulldisclosure/2022/May/33

Source: product-security@apple.com

Mailing ListThird Party Advisory

http://seclists.org/fulldisclosure/2022/May/35

Source: product-security@apple.com

Mailing ListThird Party Advisory

https://security.gentoo.org/glsa/202208-39

Source: product-security@apple.com

Third Party Advisory

https://support.apple.com/en-us/HT213053

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/en-us/HT213054

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/en-us/HT213057

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/en-us/HT213058

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/en-us/HT213059

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/kb/HT213185

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/kb/HT213255

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/kb/HT213256

Source: product-security@apple.com

Vendor Advisory

http://seclists.org/fulldisclosure/2022/May/33

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://seclists.org/fulldisclosure/2022/May/35

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://security.gentoo.org/glsa/202208-39

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://support.apple.com/en-us/HT213053

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/en-us/HT213054

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/en-us/HT213057

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/en-us/HT213058

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/en-us/HT213059

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/kb/HT213185

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/kb/HT213255

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/kb/HT213256

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.