CVE-2022-22589
published 2022-03-18CVE-2022-22589: A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS…
medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javascript.
Affected
23 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_15.3_and_ipados | — | — |
| apple | ios_and_ipados | >= unspecified < 15.3 | 15.3 |
| apple | ipados | < 15.3 | 15.3 |
| apple | iphone_os | < 15.3 | 15.3 |
| apple | mac_os_x | — | — |
| apple | mac_os_x | >= 10.15 < 10.15.7 | 10.15.7 |
| apple | macos | >= 11.0 < 11.6.6 | 11.6.6 |
| apple | macos | >= 12.0.0 < 12.2 | 12.2 |
| apple | macos | >= unspecified < 12.2 | 12.2 |
| apple | macos_big_sur | — | — |
| apple | macos_monterey | — | — |
| apple | safari | < 15.3 | 15.3 |
| apple | safari | — | — |
| apple | security_update_2022-003_catalina | — | — |
| apple | security_update_2022-004_catalina | — | — |
| apple | tvos | < 15.3 | 15.3 |
| apple | tvos | — | — |
| apple | tvos | >= unspecified < 15.3 | 15.3 |
| apple | watchos | < 8.4 | 8.4 |
| apple | watchos | — | — |
| apple | watchos | >= unspecified < 8.4 | 8.4 |
| debian | webkit2gtk | < webkit2gtk 2.34.5-1 (bookworm) | webkit2gtk 2.34.5-1 (bookworm) |
| debian | wpewebkit | < webkit2gtk 2.34.5-1 (bookworm) | webkit2gtk 2.34.5-1 (bookworm) |
CVSS provenance
nvdv3.16.1MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
osv6.1MEDIUM