A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javascript.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2022/May/33 | Mailing List Third Party Advisory |
http://seclists.org/fulldisclosure/2022/May/35 | Mailing List Third Party Advisory |
https://security.gentoo.org/glsa/202208-39 | Third Party Advisory |
https://support.apple.com/en-us/HT213053 | Vendor Advisory |
https://support.apple.com/en-us/HT213054 | Vendor Advisory |
https://support.apple.com/en-us/HT213057 | Vendor Advisory |
https://support.apple.com/en-us/HT213058 | Vendor Advisory |
https://support.apple.com/en-us/HT213059 | Vendor Advisory |
https://support.apple.com/kb/HT213185 | Vendor Advisory |
https://support.apple.com/kb/HT213255 | Vendor Advisory |
https://support.apple.com/kb/HT213256 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
08 Aug 2023, 14:22
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-Other | |
References | (CONFIRM) https://support.apple.com/kb/HT213255 - Vendor Advisory | |
References | (CONFIRM) https://support.apple.com/kb/HT213185 - Vendor Advisory | |
References | (FULLDISC) http://seclists.org/fulldisclosure/2022/May/35 - Mailing List, Third Party Advisory | |
References | (CONFIRM) https://support.apple.com/kb/HT213256 - Vendor Advisory | |
References | (GENTOO) https://security.gentoo.org/glsa/202208-39 - Third Party Advisory | |
References | (FULLDISC) http://seclists.org/fulldisclosure/2022/May/33 - Mailing List, Third Party Advisory | |
CPE | cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:* |
01 Sep 2022, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
26 May 2022, 06:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
17 May 2022, 07:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
16 May 2022, 20:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
28 Mar 2022, 17:00
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-20 | |
References | (MISC) https://support.apple.com/en-us/HT213057 - Vendor Advisory | |
References | (MISC) https://support.apple.com/en-us/HT213059 - Vendor Advisory | |
References | (MISC) https://support.apple.com/en-us/HT213053 - Vendor Advisory | |
References | (MISC) https://support.apple.com/en-us/HT213054 - Vendor Advisory | |
References | (MISC) https://support.apple.com/en-us/HT213058 - Vendor Advisory | |
CPE | cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 6.1 |
18 Mar 2022, 19:12
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-18 18:15
Updated : 2024-02-04 22:29
NVD link : CVE-2022-22589
Mitre link : CVE-2022-22589
CVE.ORG link : CVE-2022-22589
JSON object : View
Products Affected
apple
- iphone_os
- safari
- ipados
- macos
- watchos
- mac_os_x
- tvos
CWE