Detections
Analytics

CVE-2022-22589

medium

Description

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javascript.

References

https://security.gentoo.org/glsa/202208-39

http://seclists.org/fulldisclosure/2022/May/35

http://seclists.org/fulldisclosure/2022/May/33

https://support.apple.com/en-us/HT213256

https://support.apple.com/en-us/102770

https://support.apple.com/en-us/103177

https://support.apple.com/en-us/103176

https://support.apple.com/en-us/103175

https://support.apple.com/en-us/103172

https://support.apple.com/en-us/102848

https://support.apple.com/kb/HT213256

https://support.apple.com/kb/HT213255

https://support.apple.com/kb/HT213185

https://support.apple.com/en-us/HT213059

https://support.apple.com/en-us/HT213058

https://support.apple.com/en-us/HT213057

https://support.apple.com/en-us/HT213054

https://support.apple.com/en-us/HT213053

Details

Source: Mitre, NVD

Published: 2022-03-18

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00216