CVE-2022-26719

Name of the Vulnerable Software and Affected Versions WebKitGTK and WPE WebKit versions (affected versions not specified) tvOS versions prior to 15.5 iOS versions prior to 15.5 iPadOS versions prior to 15.5 watchOS versions prior to 8.6 macOS Monterey versions prior to 12.4 Safari versions prior to 15.5

Description The issue is related to insufficient input validation in web page rendering modules, which may allow a remote attacker to execute arbitrary code or cause a denial of service. Processing maliciously crafted web content may lead to arbitrary code execution due to a memory corruption issue addressed with improved state management.

Recommendations For tvOS versions prior to 15.5, update to tvOS 15.5 or later. For iOS versions prior to 15.5, update to iOS 15.5 or later. For iPadOS versions prior to 15.5, update to iPadOS 15.5 or later. For watchOS versions prior to 8.6, update to watchOS 8.6 or later. For macOS Monterey versions prior to 12.4, update to macOS Monterey 12.4 or later. For Safari versions prior to 15.5, update to Safari 15.5 or later. As a temporary workaround for WebKitGTK and WPE WebKit, consider restricting the processing of web content until a patch is available. At the moment, there is no information about a newer version that contains a fix for WebKitGTK and WPE WebKit.