CVE-2022-42867

Name of the Vulnerable Software and Affected Versions Safari versions prior to 16.2 tvOS versions prior to 16.2 macOS Ventura versions prior to 13.1 iOS versions prior to 16.2 iPadOS versions prior to 16.2 watchOS versions prior to 9.2 WebKitGTK (affected versions not specified) WPE WebKit (affected versions not specified)

Description The issue is related to a use after free problem, which can be exploited by a remote attacker to access confidential data, compromise data integrity, and cause a denial of service. Processing maliciously crafted web content may lead to arbitrary code execution.

Recommendations For Safari version prior to 16.2, update to Safari 16.2 or later. For tvOS version prior to 16.2, update to tvOS 16.2 or later. For macOS Ventura version prior to 13.1, update to macOS Ventura 13.1 or later. For iOS version prior to 16.2, update to iOS 16.2 or later. For iPadOS version prior to 16.2, update to iPadOS 16.2 or later. For watchOS version prior to 9.2, update to watchOS 9.2 or later. For WebKitGTK and WPE WebKit, at the moment, there is no information about a newer version that contains a fix for this vulnerability.