CVE-2022-32885

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Safari versions prior to 15.6 iOS versions prior to 15.6 iPadOS versions prior to 15.6 macOS Monterey versions prior to 12.5

Description A memory corruption issue was addressed with improved validation. Processing maliciously crafted web content may lead to arbitrary code execution. The issue is related to a buffer overflow in WPE WebKit and WebKitGTK modules, which can be exploited by a remote attacker to access confidential data, compromise data integrity, and cause a denial of service.

Recommendations For Safari versions prior to 15.6, update to Safari 15.6 to resolve the issue. For iOS versions prior to 15.6, update to iOS 15.6 to resolve the issue. For iPadOS versions prior to 15.6, update to iPadOS 15.6 to resolve the issue. For macOS Monterey versions prior to 12.5, update to macOS Monterey 12.5 to resolve the issue.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALSA-2023:6535

ALSA-2023:7055

BDU:2023-03847

CESA-2023_4202

CESA-2023_7055

CVE-2022-32885

DLA-3419-1

DSA-5396-1

DSA-5396-2

DSA-5397-1

MGASA-2023-0177

RHSA-2023:4201

RHSA-2023:4202

RHSA-2023:6535

RHSA-2023:7055

RHSA-2023_4201

RHSA-2023_4202

RHSA-2023_6535

RHSA-2023_7055

RHSA-2024:8492

RHSA-2024:8496

RHSA-2024:9646

RHSA-2024:9653

RHSA-2024:9679

RHSA-2024:9680

RHSA-2025:10364

SUSE-SU-2023:2056-1

SUSE-SU-2023:2065-1

SUSE-SU-2023:2077-1

SUSE-SU-2023:2078-1

USN-6061-1

Affected Products

Almalinux

Astra Linux

Centos

Linuxmint

Apple Macos

Red Hat

Safari

Suse

Ubuntu

Ios

Ipados

Macos Monterey

CVE-2022-32885

Weakness Enumeration

Related Identifiers

Affected Products

References · 99