CVE-2022-26731Apple Macos vulnerability

5 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.3%
top 45.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Apple MacosApple IpadosApple Iphone OS+3 more
Timeline
PublishedMay 26
Latest updateMay 27

Description

A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious website may be able to track users in Safari private browsing mode.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages7 packages

CVEListV5apple/macosunspecified12.4+1
NVDapple/macos11.011.6.6+1
NVDapple/ipados< 15.5
Appleapple/macos_big_sur11.6.6

🔴Vulnerability Details

1
GHSA
GHSA-cgww-2mx2-cc4g: A logic issue was addressed with improved state management2022-05-27

📋Vendor Advisories

3
Apple
CVE-2022-26731: iOS 15.5 and iPadOS 15.52022-05-16
Apple
CVE-2022-26731: macOS Big Sur 11.6.62022-05-16
Apple
CVE-2022-26731: macOS Monterey 12.42022-05-16