cbcvebase.
CVE-2022-32888
published 2022-11-01

CVE-2022-32888: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and…

PriorityP352high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EPSS
1.14%
62.8th percentile
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. Processing maliciously crafted web content may lead to arbitrary code execution.

Affected

22 ranges
VendorProductVersion rangeFixed in
appleios
appleios_15.7_and_ipados
appleipados< 15.715.7
appleiphone_os< 15.715.7
applemacos>= 11.0 < 11.711.7
applemacos>= 12.0.0 < 12.612.6
applemacos>= unspecified < 1313
applemacos>= unspecified < 1616
applemacos>= unspecified < 11.711.7
applemacos>= unspecified < 15.715.7
applemacos_big_sur
applemacos_monterey
applemacos_ventura
appletvos< 16.016.0
appletvos
applewatchos< 9.09.0
applewatchos>= unspecified < 99
applewatchos>= unspecified < 1616
applewatchos>= unspecified < 12.612.6
applewatchos_9
debianwebkit2gtk< webkit2gtk 2.38.0-1 (bookworm)webkit2gtk 2.38.0-1 (bookworm)
debianwpewebkit< webkit2gtk 2.38.0-1 (bookworm)webkit2gtk 2.38.0-1 (bookworm)

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv8.8HIGH
vendor_debian8.8HIGH
vendor_redhat8.8HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.