CVE-2022-32785

CWE-476NULL Pointer Dereference7 documents4 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 77.37%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Apple MacosApple IpadosApple Iphone OS+1 more
Timeline
PublishedSep 23
Latest updateSep 25

Description

A null pointer dereference was addressed with improved validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing an image may lead to a denial-of-service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages5 packages

CVEListV5apple/macosunspecified12.5+3
NVDapple/macos11.011.6.8+3
NVDapple/mac_os_x10.15.7
NVDapple/ipados< 15.6
NVDapple/iphone_os< 15.6

🔴Vulnerability Details

2
GHSA
GHSA-xch5-pwh8-cf69: A null pointer dereference was addressed with improved validation2022-09-25
CVEList
CVE-2022-32785: A null pointer dereference was addressed with improved validation2022-09-23

📋Vendor Advisories

4
Apple
CVE-2022-32785: iOS 15.6 and iPadOS 15.62022-07-20
Apple
CVE-2022-32785: macOS Monterey 12.52022-07-20
Apple
CVE-2022-32785: Security Update 2022-005 Catalina2022-07-20
Apple
CVE-2022-32785: macOS Big Sur 11.6.82022-07-20
CVE-2022-32785 (MEDIUM CVSS 5.5) | A null pointer dereference was addr | cvebase.io