CVE-2022-22594

medium

Description

A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. A website may be able to track sensitive user information.

References

References
More

https://www.tenable.com/cyber-exposure/tenable-2022-threat-landscape-report

https://support.apple.com/en-us/103177

https://support.apple.com/en-us/103176

https://support.apple.com/en-us/103175

https://support.apple.com/en-us/103172

https://support.apple.com/en-us/102848

https://support.apple.com/en-us/HT213059

https://support.apple.com/en-us/HT213058

https://support.apple.com/en-us/HT213057

https://support.apple.com/en-us/HT213054

https://support.apple.com/en-us/HT213053

Details

Source: Mitre, NVD

Published: 2022-03-18

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.00082