CVE-2022-32888

{"id": "CVE-2022-32888", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2022-11-01T20:15:18.587", "references": [{"url": "http://www.openwall.com/lists/oss-security/2022/11/04/4", "tags": ["Mailing List", "Third Party Advisory"], "source": "product-security@apple.com"}, {"url": "https://security.gentoo.org/glsa/202305-32", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT213443", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT213444", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT213445", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT213446", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT213486", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT213487", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT213488", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. Processing maliciously crafted web content may lead to arbitrary code execution."}, {"lang": "es", "value": "Se solucion\u00f3 un problema de escritura fuera de l\u00edmites mejorando la verificaci\u00f3n de l\u00edmites. Este problema se solucion\u00f3 en macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 y iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. El procesamiento de contenido web creado con fines malintencionados puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario."}], "lastModified": "2023-05-30T06:15:20.307", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "613EE342-B8E6-4E88-B8F5-CCD918F2D704", "versionEndExcluding": "15.7"}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B639E246-8791-46E2-BAB9-E9B9E79C0F8D", "versionEndExcluding": "15.7"}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8400BA2C-947C-40A8-AD5A-9BF477397E0D", "versionEndExcluding": "11.7", "versionStartIncluding": "11.0"}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09A274B0-D746-4C2E-A03A-CDC28DB3333E", "versionEndExcluding": "12.6", "versionStartIncluding": "12.0.0"}, {"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "534DED19-82FC-4E39-BFD3-F2FE5C71A66B", "versionEndExcluding": "16.0"}, {"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "712A2CD4-6807-496A-8467-BFB138371E51", "versionEndExcluding": "9.0"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@apple.com"}