CVE-2022-42823
See a problem?- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-42823
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-42823.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-42823
- Related
- Published
- 2022-11-01T20:15:24Z
- Modified
- 2024-09-18T03:18:02.590560Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may lead to arbitrary code execution.
- References
-
- https://security.gentoo.org/glsa/202305-32
- https://support.apple.com/en-us/HT213488
- https://support.apple.com/en-us/HT213489
- https://support.apple.com/en-us/HT213491
- https://support.apple.com/en-us/HT213492
- https://support.apple.com/en-us/HT213495
- https://www.debian.org/security/2022/dsa-5273
- https://www.debian.org/security/2022/dsa-5274
- http://www.openwall.com/lists/oss-security/2022/11/04/4
- https://lists.debian.org/debian-lts-announce/2022/11/msg00010.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LF4LYP725XZ7RWOPFUV6DGPN4Q5DUU4/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AQKLEGJK3LHAKUQOLBHNR2DI3IUGLLTY/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JOFKX6BUEJFECSVFV6P5INQCOYQBB4NZ/
- https://security-tracker.debian.org/tracker/CVE-2022-42823
Affected packages
Debian:11 / webkit2gtk
Package
- Name
- webkit2gtk
- Purl
- pkg:deb/debian/webkit2gtk?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.38.2-1~deb11u1
Affected versions
2.*
2.32.3-1
2.32.4-1~deb10u1
2.32.4-1~deb11u1
2.32.4-1
2.33.1-1
2.33.2-1
2.33.3-1
2.33.90-1
2.33.91-1
2.34.0-1~bpo11+1
2.34.0-1
2.34.1-1~deb10u1
2.34.1-1~deb11u1
2.34.1-1
2.34.2-1~bpo11+1
2.34.2-1
2.34.3-1~deb10u1
2.34.3-1~deb11u1
2.34.3-1
2.34.4-1~deb10u1
2.34.4-1~deb11u1
2.34.4-1
2.34.5-1
2.34.6-1~deb10u1
2.34.6-1~deb11u1
2.34.6-1
2.35.1-1
2.35.2-1
2.35.3-1
2.35.90-1
2.36.0-1
2.36.0-2
2.36.0-3~deb10u1
2.36.0-3~deb11u1
2.36.0-3
2.36.1-1
2.36.2-1
2.36.3-1~deb10u1
2.36.3-1~deb11u1
2.36.3-1
2.36.4-1~deb10u1
2.36.4-1~deb11u1
2.36.4-1
2.36.6-1~deb10u1
2.36.6-1~deb11u1
2.36.6-1
2.36.7-1~deb10u1
2.36.7-1~deb11u1
2.36.7-1
2.37.1-1
2.37.1-2
2.37.90-1
2.37.91-1
2.38.0-1~deb10u1
2.38.0-1~deb11u1
2.38.0-1
2.38.0-2
2.38.0-3
2.38.1-1
2.38.2-1~deb10u1
Debian:12 / webkit2gtk
Package
- Name
- webkit2gtk
- Purl
- pkg:deb/debian/webkit2gtk?arch=source
Debian:13 / webkit2gtk
Package
- Name
- webkit2gtk
- Purl
- pkg:deb/debian/webkit2gtk?arch=source
Debian:11 / wpewebkit
Package
- Name
- wpewebkit
- Purl
- pkg:deb/debian/wpewebkit?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.38.2-1~deb11u1
Affected versions
2.*
2.32.3-2
2.32.4-1~deb11u1
2.32.4-1
2.34.1-1~deb11u1
2.34.1-1
2.34.2-1
2.34.3-1~deb11u1
2.34.3-1
2.34.4-1~deb11u1
2.34.4-1
2.34.5-1
2.34.6-1~deb11u1
2.34.6-1
2.36.0-1
2.36.0-2~deb11u1
2.36.0-2
2.36.1-1
2.36.3-1~deb11u1
2.36.3-1
2.36.4-1~deb11u1
2.36.4-1
2.36.6-1~deb11u1
2.36.6-1
2.36.7-1~deb11u1
2.36.7-1
2.38.0-1~deb11u1
2.38.0-1
2.38.1-1
Debian:12 / wpewebkit
Package
- Name
- wpewebkit
- Purl
- pkg:deb/debian/wpewebkit?arch=source
Debian:13 / wpewebkit
Package
- Name
- wpewebkit
- Purl
- pkg:deb/debian/wpewebkit?arch=source