CVE-2022-22589
Description
A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing a maliciously crafted mail message may lead to running arbitrary javascript.
CWE
- (none)
Affected
- Apple / iOS and iPadOS — v=unspecified <15.3 [affected]
- Apple / macOS — v=unspecified <12.2 [affected]
- Apple / tvOS — v=unspecified <15.3 [affected]
- Apple / tvOS — v=unspecified <15.3 [affected]
- Apple / watchOS — v=unspecified <8.4 [affected]
CVSS
- (none)
References
- https://support.apple.com/kb/HT213185 x_refsource_CONFIRM
- https://support.apple.com/en-us/HT213053 x_refsource_MISC
- https://support.apple.com/en-us/HT213054 x_refsource_MISC
- https://support.apple.com/en-us/HT213057 x_refsource_MISC
- https://support.apple.com/en-us/HT213059 x_refsource_MISC
- https://support.apple.com/en-us/HT213058 x_refsource_MISC
- https://support.apple.com/kb/HT213256 x_refsource_CONFIRM
- https://support.apple.com/kb/HT213255 x_refsource_CONFIRM
- http://seclists.org/fulldisclosure/2022/May/33 mailing-list, x_refsource_FULLDISC
- http://seclists.org/fulldisclosure/2022/May/35 mailing-list, x_refsource_FULLDISC
- https://security.gentoo.org/glsa/202208-39 vendor-advisory, x_refsource_GENTOO
Source
cvelistV5-main/cves/2022/22xxx/CVE-2022-22589.json