CVE-2022-42824

Name of the Vulnerable Software and Affected Versions Safari versions prior to 16.1 tvOS versions prior to 16.1 macOS Ventura versions prior to 13 watchOS versions prior to 9.1 iOS versions prior to 16.1 iPadOS versions prior to 16.1 WebKitGTK (affected versions not specified) WPE WebKit (affected versions not specified)

Description A logic issue was addressed with improved state management. Processing maliciously crafted web content may disclose sensitive user information. The issue is related to errors in state management in WebKitGTK and WPE WebKit modules, which can allow an attacker to access confidential data.

Recommendations For Safari version prior to 16.1, update to Safari 16.1 or later. For tvOS version prior to 16.1, update to tvOS 16.1 or later. For macOS Ventura version prior to 13, update to macOS Ventura 13 or later. For watchOS version prior to 9.1, update to watchOS 9.1 or later. For iOS version prior to 16.1, update to iOS 16.1 or later. For iPadOS version prior to 16.1, update to iPadOS 16.1 or later. For WebKitGTK and WPE WebKit, at the moment, there is no information about a newer version that contains a fix for this vulnerability.