CVE-2022-32923

medium

Description

A correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose internal states of the app.

References

https://security.gentoo.org/glsa/202305-32

http://www.openwall.com/lists/oss-security/2022/11/04/4

https://support.apple.com/en-us/HT213490

https://support.apple.com/en-us/HT213489

https://support.apple.com/en-us/HT213495

https://support.apple.com/en-us/HT213492

https://support.apple.com/en-us/HT213491

https://support.apple.com/en-us/HT213488

Details

Source: Mitre, NVD

Published: 2022-11-01

Updated: 2023-05-30

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Severity: High

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.00182