CVE-2022-32933
published 2024-06-10CVE-2022-32933: An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.5. A website may be able to track the…
PriorityP426medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
EPSS
0.42%
33.6th percentile
An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.5. A website may be able to track the websites a user visited in Safari private browsing mode.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | macos | < 12.5 | 12.5 |
| apple | macos | >= unspecified < 12.5 | 12.5 |
| apple | macos_monterey | — | — |
| debian | webkit2gtk | < webkit2gtk 2.38.0-1 (bookworm) | webkit2gtk 2.38.0-1 (bookworm) |
| debian | wpewebkit | < webkit2gtk 2.38.0-1 (bookworm) | webkit2gtk 2.38.0-1 (bookworm) |
CVSS provenance
nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
osv5.3MEDIUM
vendor_debian5.3MEDIUM
vendor_redhat5.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-h9rg-mrq2-9rc6: An information disclosure issue was addressed by removing the vulnerable code
ghsa_unreviewed·2024-06-10
CVE-2022-32933 [MEDIUM] CWE-200 GHSA-h9rg-mrq2-9rc6: An information disclosure issue was addressed by removing the vulnerable code
An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.5. A website may be able to track the websites a user visited in Safari private browsing mode.
OSV
CVE-2022-32933: An information disclosure issue was addressed by removing the vulnerable code
osv·2024-06-10·CVSS 5.3
CVE-2022-32933 [MEDIUM] CVE-2022-32933: An information disclosure issue was addressed by removing the vulnerable code
An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.5. A website may be able to track the websites a user visited in Safari private browsing mode.
Red Hat
webkitgtk: A website may able to track visited websites in private browsing
vendor_redhat·2023-11-15·CVSS 5.3
CVE-2022-32933 [MEDIUM] CWE-841 webkitgtk: A website may able to track visited websites in private browsing
webkitgtk: A website may able to track visited websites in private browsing
An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.5. A website may be able to track the websites a user visited in Safari private browsing mode.
A flaw was found in webkitgtk where a website may be able to track the websites a user visited in private browsing mode.
Package: webkitgtk (Red Hat Enterprise Linux 6) - Out of support scope
Package: webkitgtk3 (Red Hat Enterprise Linux 7) - Out of support scope
Apple
CVE-2022-32933: macOS Monterey 12.5
vendor_apple·2022-07-20·CVSS 5.3
CVE-2022-32933 [MEDIUM] CVE-2022-32933: macOS Monterey 12.5
Apple Security Update: About the security content of macOS Monterey 12.5
Product: macOS Monterey
Version: 12.5
CVE: CVE-2022-32933
Component: WebKit
Impact: A website may be able to track the websites a user visited in Safari private browsing mode
Description: An information disclosure issue was addressed by removing the vulnerable code.
Debian
CVE-2022-32933: webkit2gtk - An information disclosure issue was addressed by removing the vulnerable code. T...
vendor_debian·2022·CVSS 5.3
CVE-2022-32933 [MEDIUM] CVE-2022-32933: webkit2gtk - An information disclosure issue was addressed by removing the vulnerable code. T...
An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.5. A website may be able to track the websites a user visited in Safari private browsing mode.
Scope: local
bookworm: resolved (fixed in 2.38.0-1)
bullseye: resolved (fixed in 2.38.0-1~deb11u1)
forky: resolved (fixed in 2.38.0-1)
sid: resolved (fixed in 2.38.0-1)
trixie: resolved (fixed in 2.38.0-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-06-10
Published