CVE-2022-22594
A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. A website may be able to track sensitive user information.
Published
2022-03-18T18:15:12.850
Last Modified
2024-11-21T06:47:05.443
Status
Modified
Source
[email protected]
Severity
CVSSv3.1: 6.5 (MEDIUM)
CVSSv2 Vector
AV:N/AC:M/Au:N/C:P/I:N/A:N
- Access Vector: NETWORK
- Access Complexity: MEDIUM
- Authentication: NONE
- Confidentiality Impact: PARTIAL
- Integrity Impact: NONE
- Availability Impact: NONE
Exploitability Score
8.6
Impact Score
2.9
Weaknesses
Affected Vendors & Products
References
-
https://support.apple.com/en-us/HT213053
Release Notes, Vendor Advisory
([email protected])
-
https://support.apple.com/en-us/HT213054
Release Notes, Vendor Advisory
([email protected])
-
https://support.apple.com/en-us/HT213057
Release Notes, Vendor Advisory
([email protected])
-
https://support.apple.com/en-us/HT213058
Release Notes, Vendor Advisory
([email protected])
-
https://support.apple.com/en-us/HT213059
Release Notes, Vendor Advisory
([email protected])
-
https://support.apple.com/en-us/HT213053
Release Notes, Vendor Advisory
(af854a3a-2127-422b-91ae-364da2661108)
-
https://support.apple.com/en-us/HT213054
Release Notes, Vendor Advisory
(af854a3a-2127-422b-91ae-364da2661108)
-
https://support.apple.com/en-us/HT213057
Release Notes, Vendor Advisory
(af854a3a-2127-422b-91ae-364da2661108)
-
https://support.apple.com/en-us/HT213058
Release Notes, Vendor Advisory
(af854a3a-2127-422b-91ae-364da2661108)
-
https://support.apple.com/en-us/HT213059
Release Notes, Vendor Advisory
(af854a3a-2127-422b-91ae-364da2661108)