CVE-2022-22662

CVE-2022-22662

Name

CVE-2022-22662

Description

A cookie management issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5. Processing maliciously crafted web content may disclose sensitive user information.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
MISC	https://support.apple.com/en-us/HT213184
MISC	https://support.apple.com/en-us/HT213185
Mailing List	http://www.openwall.com/lists/oss-security/2022/07/05/3
Mailing List	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANNHXXARVBRGI74TVQNZOAG6P7AGSMUJ/
Mailing List	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33BWWAQLLBHKGSI332ZZCORTFZ2XLOIH/
Third Party Advisory	https://security.gentoo.org/glsa/202208-39
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ANNHXXARVBRGI74TVQNZOAG6P7AGSMUJ/
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33BWWAQLLBHKGSI332ZZCORTFZ2XLOIH/

Type

URI

MISC

https://support.apple.com/en-us/HT213184

MISC

https://support.apple.com/en-us/HT213185

Mailing List

http://www.openwall.com/lists/oss-security/2022/07/05/3

Mailing List

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANNHXXARVBRGI74TVQNZOAG6P7AGSMUJ/

Mailing List

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33BWWAQLLBHKGSI332ZZCORTFZ2XLOIH/

Third Party Advisory

https://security.gentoo.org/glsa/202208-39

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ANNHXXARVBRGI74TVQNZOAG6P7AGSMUJ/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33BWWAQLLBHKGSI332ZZCORTFZ2XLOIH/

Match rules

CPE URI	Source package	Min version	Max version
`cpe:2.3:o:apple:mac_os_x::::::::`	mac_os_x	>= 10.15	< 10.15.7
`cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update::::::`	mac_os_x	== None	== 10.15.7
`cpe:2.3:o:apple:macos::::::::`	macos	>= 11.0	< 11.6.5

CPE URI

Source package

Min version

Max version

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

mac_os_x

>= 10.15

< 10.15.7

cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*

mac_os_x

== None

== 10.15.7

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

macos

>= 11.0

< 11.6.5

References

Match rules

Vulnerable and fixed packages