Vulnerability in Apple iOS
CVE-2022-32886
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution.
EPSS: 0.020 (83.9th percentile)
Affected products
- Apple iOS — versions unspecified
- Apple iOS and iPadOS — versions unspecified
- Apple Safari — versions unspecified
Public proof-of-concept exploits
References
- support.apple.com/en-us/HT213446
- support.apple.com/en-us/HT213445
- support.apple.com/en-us/HT213442
- FEDORA-2022-0c00617967 (vendor-advisory)
- FEDORA-2022-a77b646471 (vendor-advisory)
- FEDORA-2022-ece798a8d4 (vendor-advisory)
- DSA-5240 (vendor-advisory)
- DSA-5241 (vendor-advisory)
- [debian-lts-announce] 20220929 [SECURITY] [DLA 3124-1] webkit2gtk security update (mailing-list)
- 20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13 (mailing-list)
Frequently asked questions
- What is CVE-2022-32886?
- CVE-2022-32886 is a vulnerability in Apple iOS. Published 2022-09-20.
- Is CVE-2022-32886 known to be exploited?
- 1 public proof-of-concept repository is indexed. Not currently listed in the CISA KEV catalog.