CVE-2022-32784Sensitive Information Exposure in Apple IOS AND Ipados

CWE-200Sensitive Information Exposure5 documents4 sources
Severity
6.5MEDIUMNVD
EPSS
0.2%
top 59.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Apple IOS AND IpadosApple SafariApple Ipados+1 more
Timeline
PublishedFeb 27

Description

The issue was addressed with improved UI handling. This issue is fixed in Safari 15.6, iOS 15.6 and iPadOS 15.6. Visiting a maliciously crafted website may leak sensitive data.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages5 packages

CVEListV5apple/safariunspecified15.6
NVDapple/ipados< 15.6
NVDapple/safari< 15.6
CVEListV5apple/ios_and_ipadosunspecified15.6
NVDapple/iphone_os< 15.5

🔴Vulnerability Details

2
GHSA
GHSA-wc59-h2vv-mqjr: The issue was addressed with improved UI handling2023-02-27
CVEList
CVE-2022-32784: The issue was addressed with improved UI handling2023-02-27

📋Vendor Advisories

2
Apple
CVE-2022-32784: Safari 15.62022-07-20
Apple
CVE-2022-32784: iOS 15.6 and iPadOS 15.62022-07-20
CVE-2022-32784 — Sensitive Information Exposure | cvebase