CVE-2022-22594

medium

Description

A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. A website may be able to track sensitive user information.

References

https://support.apple.com/en-us/HT213053

https://support.apple.com/en-us/HT213054

https://support.apple.com/en-us/HT213057

https://support.apple.com/en-us/HT213058

https://support.apple.com/en-us/HT213059

Details

Source: Mitre, NVD

Published: 2022-03-18

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Severity: Medium