PT-2022-4804 · Apple+7 · Apple macOS+8

1Lastbr3Ath · Published 2022-03-14 · Updated 2024-09-18 · CVE-2022-22662

CVSS v2.0: 7.1 (High)

Vector: AV:N/AC:M/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions

macOS versions prior to Big Sur 11.6.5 Security Update 2022-003 Catalina

Description

A cookie management issue was addressed with improved state management. Processing maliciously crafted web content may disclose sensitive user information. The issue is related to the WebKitGTK module and allows a remote attacker to access confidential data by exploiting the vulnerability.

Recommendations

For macOS versions prior to Big Sur 11.6.5, apply Security Update 2022-003 Catalina to fix the issue. For other affected versions, update to macOS Big Sur 11.6.5 or later to resolve the vulnerability. As a temporary workaround, consider restricting access to maliciously crafted web content until a patch is available.

Fix

Weakness Enumeration

Exposure of Resource to Wrong Sphere

Related Identifiers

ALSA-2022:7704
ALSA-2022:8054
BDU:2022-05789
CESA-2022_7704
CVE-2022-22662
DSA-5115-1
DSA-5116-1
MGASA-2022-0254
OPENSUSE-SU-2022_2523-1
OPENSUSE-SU-2022_2525-1
RHSA-2022:7704
RHSA-2022:8054
RHSA-2022_7704
RHSA-2022_8054
RHSA-2025:10364
RLSA-2022:7704
RLSA-2022:8054
SUSE-SU-2022:2522-1
SUSE-SU-2022:2523-1
SUSE-SU-2022:2524-1
SUSE-SU-2022:2525-1
SUSE-SU-2022_2522-1
SUSE-SU-2022_2523-1
SUSE-SU-2022_2524-1
SUSE-SU-2022_2525-1

Affected Products

AlmaLinux
Astra Linux
CentOS
Apple macOS
Red Hat
RED OS
Rocky Linux
SUSE
iTunes