Home > Vulnerability Database > CVE-2022-42856

Mend.io Vulnerability Database

CVE-2022-42856

Date: December 15, 2022

A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1..

Severity Score

8.8

Related Resources (16)

Url: https://access.redhat.com/security/cve/CVE-2022-42856

Url: https://nvd.nist.gov/vuln/detail/CVE-2022-42856

Url: http://seclists.org/fulldisclosure/2022/Dec/23

Url: http://seclists.org/fulldisclosure/2022/Dec/22

Url: http://seclists.org/fulldisclosure/2022/Dec/21

Url: https://security-tracker.debian.org/tracker/CVE-2022-42856

Url: http://www.openwall.com/lists/oss-security/2022/12/26/1

Url: http://seclists.org/fulldisclosure/2022/Dec/26

Url: https://support.apple.com/en-us/HT213531

Url: https://support.apple.com/en-us/HT213532

Url: https://security.gentoo.org/glsa/202305-32

Url: https://support.apple.com/en-us/HT213537

Url: https://support.apple.com/en-us/HT213516

Url: https://support.apple.com/en-us/HT213535

Url: http://seclists.org/fulldisclosure/2022/Dec/28

Url: https://www.mend.io/vulnerability-database/CVE-2022-42856

Severity Score

8.8

Weakness Type (CWE)

Access of Resource Using Incompatible Type ('Type Confusion')

CWE-843

CVSS v3.1

Base Score:	8.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2022-42856

Date: December 15, 2022

Severity Score

Related Resources (16)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?