V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
Back to catalog
CVE-2022-22592
AST
High

A logic issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari…

CVSS
8.1
High
EPSS
0.01
p70
Published
2022-01-01
Updated
2022-01-01
Description

A logic issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.

Tags · CWE
Pre-auth
CWE-1021
CAPEC-103
CAPEC-181
CAPEC-222
CAPEC-504
CAPEC-506
CAPEC-587
CAPEC-654
Affected products
Qtwebkit-opensource-srcQtwebkit-opensource-srcQtwebkit-opensource-srcQtwebkit-opensource-srcQtwebkit-opensource-srcQtwebkit-opensource-srcQtwebkit-opensource-srcQtwebkit-opensource-srcQtwebkit-opensource-srcQtwebkit-opensource-srcQtwebkit-sourceQtwebkit-sourceQtwebkit-sourceWebkit2gtkWebkit2gtkWebkit2gtkWebkit2gtkWebkit2gtkWebkit2gtkWebkit2gtk
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Timeline
2022-01-01
Published
2022-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: L
Low (L)
Privileges Required
PR: N
None (N)
User Interaction
UI: R
Required (R)
Scope
S: U
Unchanged (U)
Confidentiality Impact
C: H
High (H)
Integrity Impact
I: H
High (H)
Availability Impact
A: N
None (N)
Exploit indicators
EPSS
0.015 · p70
Known exploited (KEV)
No
MITRE ATT&CK
Inferred via CAPEC
└ via CAPEC-504 · CWE-1021
└ via CAPEC-654 · CWE-1021
└ via CAPEC-654 · CWE-1021
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected products
Debian
Webkit2gtkWpewebkit
Canonical
WebkitgtkQtwebkit-sourceQtwebkit-opensource-srcWebkit2gtkWpewebkit
Red Hat
Webkit2gtk3
Apple
MacosIpadosTvosWatchosSafariIphone
Группа Астра (РусБИТех)
Webkit2gtk
ProductVendorStatus
qtwebkit-opensource-srcTracked
qtwebkit-opensource-srcTracked
qtwebkit-opensource-srcTracked
qtwebkit-opensource-srcTracked
qtwebkit-opensource-srcTracked
qtwebkit-opensource-srcTracked
qtwebkit-opensource-srcTracked
qtwebkit-opensource-srcTracked
qtwebkit-opensource-srcTracked
qtwebkit-opensource-srcTracked
qtwebkit-sourceTracked
qtwebkit-sourceTracked
qtwebkit-sourceTracked
webkit2gtkTracked
webkit2gtkTracked
webkit2gtkTracked
webkit2gtkTracked
webkit2gtkTracked
webkit2gtkTracked
webkit2gtkTracked
Showing first 20 of 41
Source databases
AST
DEB
CVE
RED
UBU
Related vulnerabilities
BDU:2022-05722