PT-2022-21554 · Apple+3 · Safari+7

Real_As3617

Published

2022-08-16

Updated

2023-05-30

CVE-2022-32891

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Safari versions prior to 16 tvOS versions prior to 16 watchOS versions prior to 9 iOS versions prior to 16

Description The issue was addressed with improved UI handling. Visiting a website that frames malicious content may lead to UI spoofing.

Recommendations For Safari versions prior to 16, update to Safari 16 to resolve the issue. For tvOS versions prior to 16, update to tvOS 16 to resolve the issue. For watchOS versions prior to 9, update to watchOS 9 to resolve the issue. For iOS versions prior to 16, update to iOS 16 to resolve the issue.

Fix

Clickjacking

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1021

Related Identifiers

CESA-2022_7704

CVE-2022-32891

DLA-3073-1

DSA-5210-1

DSA-5211-1

MGASA-2022-0346

RHSA-2022:7704

RHSA-2022:8054

RHSA-2022_7704

RHSA-2022_8054

RHSA-2025:10364

Affected Products

Astra Linux

Centos

Apple Macos

Red Hat

Safari

Ios

Tvos

Watchos

PT-2022-21554 · Apple+3 · Safari+7

CVE-2022-32891

Weakness Enumeration

Related Identifiers

Affected Products

References · 24