cbcvebase.
CVE-2022-26766
published 2022-05-26

CVE-2022-26766: A certificate parsing issue was addressed with improved checks. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina…

medium5.5CVSS 3.1
AVLACLPRNUIRSUCNIHAN
A certificate parsing issue was addressed with improved checks. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious app may be able to bypass signature validation.

Affected

19 ranges
VendorProductVersion rangeFixed in
appleios_15.5_and_ipados
appleipados< 15.515.5
appleiphone_os< 15.515.5
applemac_os_x< 10.15.710.15.7
applemac_os_x
applemacos>= 11.0 < 11.6.611.6.6
applemacos>= 12.0 < 12.412.4
applemacos_big_sur
applemacos_monterey
applesecurity_update_2022-004_catalina
appletvos< 15.515.5
appletvos
applewatchos< 8.68.6
applewatchos
applewatchos>= unspecified < 8.68.6
applewatchos>= unspecified < 15.515.5
applewatchos>= unspecified < 20222022
applewatchos>= unspecified < 11.611.6
applewatchos>= unspecified < 12.412.4