Co0Py_Cat

**Name of the Vulnerable Software and Affected Versions** Apple tvOS versions prior to 15.6 Apple iOS versions prior to 15.6 Apple iPadOS versions prior to 15.6 **Description** An out-of-bounds read issue was addressed with improved bounds checking. Processing a maliciously crafted image may lead to disclosure of user information. **Recommendations** For tvOS versions prior to 15.6, update to tvOS 15.6 or later. For iOS versions prior to 15.6, update to iOS 15.6 or later. For iPadOS versions prior to 15.6, update to iPadOS 15.6 or later.

**Name of the Vulnerable Software and Affected Versions** Apple macOS versions prior to macOS Big Sur 11.6.8 Apple macOS versions prior to macOS Monterey 12.5 Apple macOS Catalina version with Security Update 2022-005 **Description** The issue concerns the processing of maliciously crafted AppleScript binaries, which may lead to unexpected termination or disclosure of process memory. This is related to untrusted pointer dereference and out-of-bounds read issues in AppleScript binary parsing. **Recommendations** For macOS Catalina, apply Security Update 2022-005 to resolve the issue. For macOS Big Sur, update to version 11.6.8 or later to resolve the issue. For macOS Monterey, update to version 12.5 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 11.6.8 macOS versions prior to 12.5 macOS Catalina with Security Update 2022-005 **Description** An out-of-bounds read issue was addressed with improved input validation. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory. **Recommendations** For macOS versions prior to 11.6.8, update to macOS Big Sur 11.6.8 to resolve the issue. For macOS versions prior to 12.5, update to macOS Monterey 12.5 to resolve the issue. For macOS Catalina, apply Security Update 2022-005 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 12.5 **Description** An out-of-bounds read issue was addressed with improved input validation. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory. **Recommendations** For versions prior to 12.5, update to macOS Monterey 12.5 to resolve the issue. As a temporary workaround, consider avoiding the use of maliciously crafted AppleScript binaries until the update is applied.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 11.6.8 macOS versions prior to 12.5 **Description** An out-of-bounds read issue was addressed with improved input validation. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory. **Recommendations** For macOS versions prior to 11.6.8, update to macOS Big Sur 11.6.8 or later. For macOS versions prior to 12.5, update to macOS Monterey 12.5 or later. As a temporary workaround, consider restricting the use of AppleScript binaries until a patch is available.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 11.6.8 macOS versions prior to 12.5 macOS Catalina (affected versions not specified), with fix in Security Update 2022-005 **Description** The issue is related to an out-of-bounds read that can be triggered by processing a maliciously crafted AppleScript binary. This may result in unexpected termination or disclosure of process memory. The estimated number of potentially affected devices and details about real-world incidents are not provided. **Recommendations** For macOS versions prior to 11.6.8, update to macOS Big Sur 11.6.8 or later. For macOS versions prior to 12.5, update to macOS Monterey 12.5 or later. For macOS Catalina, apply Security Update 2022-005.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 12.4 macOS Big Sur versions prior to 11.6.6 macOS Catalina versions prior to Security Update 2022-004 **Description** An out-of-bounds read issue was addressed with improved bounds checking. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. **Recommendations** For macOS versions prior to 12.4, update to macOS Monterey 12.4 or later. For macOS Big Sur versions prior to 11.6.6, update to macOS Big Sur 11.6.6 or later. For macOS Catalina versions prior to Security Update 2022-004, apply Security Update 2022-004.

**Name of the Vulnerable Software and Affected Versions** HEVC Video Extensions (affected versions not specified) **Description** The issue is related to insufficient input validation in the HEVC Video Extensions codec. This can allow a remote attacker to execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** HEVC Video Extensions (affected versions not specified) **Description** The issue is related to insufficient input validation in the HEVC Video Extensions codec. This can allow a remote attacker to execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 12.1 iOS versions prior to 15.2 iPadOS versions prior to 15.2 macOS Big Sur versions prior to 11.6.2 macOS Catalina versions prior to Security Update 2021-008 **Description** An out-of-bounds write issue was addressed with improved bounds checking. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution. **Recommendations** For macOS versions prior to 12.1, update to macOS Monterey 12.1 or later. For iOS versions prior to 15.2, update to iOS 15.2 or later. For iPadOS versions prior to 15.2, update to iPadOS 15.2 or later. For macOS Big Sur versions prior to 11.6.2, update to macOS Big Sur 11.6.2 or later. For macOS Catalina versions prior to Security Update 2021-008, apply Security Update 2021-008 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 12.1 iOS versions prior to 15.2 iPadOS versions prior to 15.2 macOS Big Sur versions prior to 11.6.2 macOS Catalina versions prior to Security Update 2021-008 **Description** An out-of-bounds read issue was addressed with improved input validation. Processing a maliciously crafted file may disclose user information. **Recommendations** For macOS versions prior to 12.1, update to macOS Monterey 12.1 or later. For iOS versions prior to 15.2, update to iOS 15.2 or later. For iPadOS versions prior to 15.2, update to iPadOS 15.2 or later. For macOS Big Sur versions prior to 11.6.2, update to macOS Big Sur 11.6.2 or later. For macOS Catalina versions prior to Security Update 2021-008, apply Security Update 2021-008 or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 14.7 macOS Big Sur versions prior to 11.5 watchOS versions prior to 7.6 tvOS versions prior to 14.7 iCloud for Windows versions prior to 12.5 iTunes for Windows versions prior to 12.11.4 **Description** The issue was addressed with improved checks. Processing a maliciously crafted image may lead to arbitrary code execution. **Recommendations** For iOS versions prior to 14.7, update to iOS 14.7 to resolve the issue. For macOS Big Sur versions prior to 11.5, update to macOS Big Sur 11.5 to resolve the issue. For watchOS versions prior to 7.6, update to watchOS 7.6 to resolve the issue. For tvOS versions prior to 14.7, update to tvOS 14.7 to resolve the issue. For iCloud for Windows versions prior to 12.5, update to iCloud for Windows 12.5 to resolve the issue. For iTunes for Windows versions prior to 12.11.4, update to iTunes for Windows 12.11.4 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 14.6 iPadOS versions prior to 14.6 tvOS versions prior to 14.6 watchOS versions prior to 7.5 macOS Big Sur versions prior to 11.4 macOS Mojave versions prior to Security Update 2021-004 macOS Catalina versions prior to Security Update 2021-003 **Description** The issue is related to a buffer overflow in the ImageIO component, which can be exploited by processing a maliciously crafted ASTC file, potentially disclosing memory contents. This may allow an attacker to access confidential information using a specially crafted malicious ASTC file. **Recommendations** For iOS versions prior to 14.6, update to iOS 14.6 or later. For iPadOS versions prior to 14.6, update to iPadOS 14.6 or later. For tvOS versions prior to 14.6, update to tvOS 14.6 or later. For watchOS versions prior to 7.5, update to watchOS 7.5 or later. For macOS Big Sur versions prior to 11.4, update to macOS Big Sur 11.4 or later. For macOS Mojave versions prior to Security Update 2021-004, apply Security Update 2021-004 or later. For macOS Catalina versions prior to Security Update 2021-003, apply Security Update 2021-003 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 11.4 tvOS versions prior to 14.6 watchOS versions prior to 7.5 iOS versions prior to 14.6 iPadOS versions prior to 14.6 **Description** The issue is related to the processing of maliciously crafted images, which may lead to the disclosure of user information. It is associated with a buffer overflow vulnerability in the ImageIO component, allowing an attacker to access confidential information. **Recommendations** For macOS versions prior to 11.4, update to macOS Big Sur 11.4 to resolve the issue. For tvOS versions prior to 14.6, update to tvOS 14.6 to resolve the issue. For watchOS versions prior to 7.5, update to watchOS 7.5 to resolve the issue. For iOS versions prior to 14.6, update to iOS 14.6 to resolve the issue. For iPadOS versions prior to 14.6, update to iPadOS 14.6 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 11.3 iOS versions prior to 14.5 iPadOS versions prior to 14.5 watchOS versions prior to 7.4 tvOS versions prior to 14.5 **Description** Processing a maliciously crafted image may lead to arbitrary code execution. The issue was addressed with improved checks. **Recommendations** For macOS versions prior to 11.3, update to macOS Big Sur 11.3. For iOS versions prior to 14.5, update to iOS 14.5. For iPadOS versions prior to 14.5, update to iPadOS 14.5. For watchOS versions prior to 7.4, update to watchOS 7.4. For tvOS versions prior to 14.5, update to tvOS 14.5.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 11.3 iOS versions prior to 14.5 iPadOS versions prior to 14.5 watchOS versions prior to 7.4 tvOS versions prior to 14.5 **Description** The issue is related to a buffer out-of-bounds read in memory, which can be exploited to execute arbitrary code. This can occur when processing a maliciously crafted image. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited. **Recommendations** For macOS versions prior to 11.3, update to macOS Big Sur 11.3 or later. For iOS versions prior to 14.5, update to iOS 14.5 or later. For iPadOS versions prior to 14.5, update to iPadOS 14.5 or later. For watchOS versions prior to 7.4, update to watchOS 7.4 or later. For tvOS versions prior to 14.5, update to tvOS 14.5 or later.

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.3 watchOS versions prior to 7.4 Description: The issue allows arbitrary code execution when processing a maliciously crafted image. Recommendations: For macOS versions prior to 11.3, update to macOS Big Sur 11.3 to resolve the issue. For watchOS versions prior to 7.4, update to watchOS 7.4 to resolve the issue.

Name of the Vulnerable Software and Affected Versions: macOS Big Sur versions prior to 11.3 watchOS versions prior to 7.4 Description: The issue allows arbitrary code execution when processing a maliciously crafted image. This is due to insufficient checks that have been improved in the fixed versions. Recommendations: For macOS Big Sur versions prior to 11.3, update to macOS Big Sur 11.3 to resolve the issue. For watchOS versions prior to 7.4, update to watchOS 7.4 to resolve the issue.