CVE-2022-22590

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: Mar 18, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-22590
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-416

Affected Software
References

Software	From	Fixed in
apple / watchos	-	8.4
apple / iphone_os	-	15.3
apple / ipados	-	15.3
apple / macos	12.0.0	12.2
apple / safari	-	15.3
apple / tvos	-	8.4
webkitgtk / webkitgtk	-	2.36.7

https://security.gentoo.org/glsa/202208-39
https://support.apple.com/en-us/HT213053
https://support.apple.com/en-us/HT213054
https://support.apple.com/en-us/HT213057
https://support.apple.com/en-us/HT213058
https://support.apple.com/en-us/HT213059

Vulnerability Database

289,599

CVE-2022-22590