CVE-2022-46692

Severity

55%

Complexity

18%

Confidentiality

60%

A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may bypass Same Origin Policy.

CVSS 3.1 Base Score 5.5. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N).

Overview

First reported 2 years ago

2022-12-15 19:15:00

Last updated 2 years ago

2022-12-21 06:15:00

Affected Software

Apple Safari

References

https://support.apple.com/en-us/HT213531

https://support.apple.com/en-us/HT213532

https://support.apple.com/en-us/HT213530

https://support.apple.com/en-us/HT213537

https://support.apple.com/en-us/HT213538

https://support.apple.com/en-us/HT213535

https://support.apple.com/en-us/HT213536

https://support.apple.com/en-us/HT213531

Release Notes, Vendor Advisory

https://support.apple.com/en-us/HT213532

Release Notes, Vendor Advisory

https://support.apple.com/en-us/HT213530

Vendor Advisory

https://support.apple.com/en-us/HT213537

Release Notes, Vendor Advisory

https://support.apple.com/en-us/HT213538

Vendor Advisory

https://support.apple.com/en-us/HT213535

Release Notes, Vendor Advisory

https://support.apple.com/en-us/HT213536

Vendor Advisory

20221220 APPLE-SA-2022-12-13-7 tvOS 16.2

20221220 APPLE-SA-2022-12-13-9 Safari 16.2

20221220 APPLE-SA-2022-12-13-1 iOS 16.2 and iPadOS 16.2

20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2

20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.