{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-42856", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "dateUpdated": "2024-08-03T13:19:05.404Z", "dateReserved": "2022-10-11T00:00:00", "datePublished": "2022-12-15T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2022-12-26T00:00:00"}, "descriptions": [{"lang": "en", "value": "A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1.."}], "affected": [{"vendor": "Apple", "product": "tvOS", "versions": [{"version": "unspecified", "lessThan": "16.2", "status": "affected", "versionType": "custom"}]}, {"vendor": "Apple", "product": "tvOS", "versions": [{"version": "unspecified", "lessThan": "13.1", "status": "affected", "versionType": "custom"}]}, {"vendor": "Apple", "product": "tvOS", "versions": [{"version": "unspecified", "lessThan": "15.7", "status": "affected", "versionType": "custom"}]}, {"vendor": "Apple", "product": "tvOS", "versions": [{"version": "unspecified", "lessThan": "16.1", "status": "affected", "versionType": "custom"}]}, {"vendor": "Apple", "product": "tvOS", "versions": [{"version": "unspecified", "lessThan": "16.2", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/HT213535"}, {"url": "https://support.apple.com/en-us/HT213532"}, {"url": "https://support.apple.com/en-us/HT213531"}, {"url": "https://support.apple.com/en-us/HT213516"}, {"url": "https://support.apple.com/en-us/HT213537"}, {"name": "20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2", "tags": ["mailing-list"], "url": "http://seclists.org/fulldisclosure/2022/Dec/21"}, {"name": "20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1", "tags": ["mailing-list"], "url": "http://seclists.org/fulldisclosure/2022/Dec/23"}, {"name": "20221220 APPLE-SA-2022-12-13-3 iOS 16.1.2", "tags": ["mailing-list"], "url": "http://seclists.org/fulldisclosure/2022/Dec/22"}, {"name": "20221220 APPLE-SA-2022-12-13-7 tvOS 16.2", "tags": ["mailing-list"], "url": "http://seclists.org/fulldisclosure/2022/Dec/26"}, {"name": "20221220 APPLE-SA-2022-12-13-9 Safari 16.2", "tags": ["mailing-list"], "url": "http://seclists.org/fulldisclosure/2022/Dec/28"}, {"name": "[oss-security] 20221226 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0011", "tags": ["mailing-list"], "url": "http://www.openwall.com/lists/oss-security/2022/12/26/1"}, {"url": "https://security.gentoo.org/glsa/202305-32"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1."}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T13:19:05.404Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.apple.com/en-us/HT213535", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT213532", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT213531", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT213516", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT213537", "tags": ["x_transferred"]}, {"name": "20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2", "tags": ["mailing-list", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2022/Dec/21"}, {"name": "20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1", "tags": ["mailing-list", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2022/Dec/23"}, {"name": "20221220 APPLE-SA-2022-12-13-3 iOS 16.1.2", "tags": ["mailing-list", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2022/Dec/22"}, {"name": "20221220 APPLE-SA-2022-12-13-7 tvOS 16.2", "tags": ["mailing-list", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2022/Dec/26"}, {"name": "20221220 APPLE-SA-2022-12-13-9 Safari 16.2", "tags": ["mailing-list", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2022/Dec/28"}, {"name": "[oss-security] 20221226 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0011", "tags": ["mailing-list", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2022/12/26/1"}, {"url": "https://security.gentoo.org/glsa/202305-32", "tags": ["x_transferred"]}]}]}}

{}

{"cisaActionDue": "2023-01-04", "cisaExploitAdd": "2022-12-14", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Apple iOS Type Confusion Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "587780B6-6F5A-4156-9A29-F23B484D65D7", "versionEndExcluding": "16.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "matchCriteriaId": "C5892A8E-3D71-4ED7-ABFC-973DE74C2AD7", "versionEndExcluding": "15.7.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "2B03CFDD-AC66-4B07-A8CB-E026FCB8A1AE", "versionEndExcluding": "15.7.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "20B15ED6-6D4F-4C50-8E49-1A05A3CDD0F0", "versionEndExcluding": "16.1.2", "versionStartIncluding": "16.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "D7457023-5C4E-4935-826D-A411B0324092", "versionEndExcluding": "13.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "matchCriteriaId": "400AD564-BDEC-4C81-B650-56357BEBF0C7", "versionEndExcluding": "16.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1.."}, {"lang": "es", "value": "Se abord\u00f3 un problema l\u00f3gico con una mejor gesti\u00f3n del estado. Este problema se solucion\u00f3 en Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 y iPadOS 15.7.2, iOS 16.1.2. El procesamiento de contenido web creado con fines malintencionados puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario. Apple tiene conocimiento de un informe que indica que este problema puede haber sido explotado activamente en versiones de iOS lanzadas antes de iOS 15.1."}], "id": "CVE-2022-42856", "lastModified": "2024-06-28T13:48:32.387", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-12-15T19:15:25.123", "references": [{"source": "product-security@apple.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2022/Dec/21"}, {"source": "product-security@apple.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2022/Dec/22"}, {"source": "product-security@apple.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2022/Dec/23"}, {"source": "product-security@apple.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2022/Dec/26"}, {"source": "product-security@apple.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2022/Dec/28"}, {"source": "product-security@apple.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/12/26/1"}, {"source": "product-security@apple.com", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202305-32"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213516"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213531"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213532"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213535"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213537"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-843"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2023:0016", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "webkit2gtk3-0:2.36.7-1.el8_7.1", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-01-04T00:00:00Z"}, {"advisory": "RHSA-2023:0021", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "webkit2gtk3-0:2.36.7-1.el9_1.1", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-01-04T00:00:00Z"}], "bugzilla": {"description": "webkitgtk: processing maliciously crafted web content may lead to an arbitrary code execution", "id": "2153683", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153683"}, "csaw": true, "cvss3": {"cvss3_base_score": "8.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-843", "details": ["A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1..", "A vulnerability was found in webkitgtk, where a type confusion issue was addressed with improved memory handling. By this security flaw processing maliciously crafted web content may lead to arbitrary code execution."], "mitigation": {"lang": "en:us", "value": "Setting the environment variable JSC_useFTLJIT=0 will disable the vulnerable code. (This will also somewhat slow down JavaScript execution.)"}, "name": "CVE-2022-42856", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "webkitgtk", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "webkitgtk3", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "webkitgtk4", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2022-12-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-42856\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-42856\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog"], "statement": "Red Hat is not aware of any exploitation of this flaw in Linux platforms at this time.", "threat_severity": "Important"}