[Forgot Password]
Login  Register Subscribe

30192

 
 

423868

 
 

233697

 
 

909

 
 

186637

 
 

207

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2022-22594Date: (C)2022-01-29   (M)2023-12-06


A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. A website may be able to track sensitive user information.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 6.5CVSS Score : 4.3
Exploit Score: 2.8Exploit Score: 8.6
Impact Score: 3.6Impact Score: 2.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: NETWORKAccess Vector: NETWORK
Attack Complexity: LOWAccess Complexity: MEDIUM
Privileges Required: NONEAuthentication: NONE
User Interaction: REQUIREDConfidentiality: PARTIAL
Scope: UNCHANGEDIntegrity: NONE
Confidentiality: HIGHAvailability: NONE
Integrity: NONE 
Availability: NONE 
  
Reference:
https://support.apple.com/en-us/HT213053
https://support.apple.com/en-us/HT213054
https://support.apple.com/en-us/HT213057
https://support.apple.com/en-us/HT213058
https://support.apple.com/en-us/HT213059

CPE    1
cpe:/a:apple:safari
CWE    1
CWE-346
OVAL    21
oval:org.secpod.oval:def:605781
oval:org.secpod.oval:def:605787
oval:org.secpod.oval:def:78157
oval:org.secpod.oval:def:88333
...

© SecPod Technologies