CVE-2022-22677
Published on: Not Yet Published
Last Modified on: 11/03/2022 01:47:00 PM UTC
Certain versions of Ipados from Apple contain the following vulnerability:
A logic issue in the handling of concurrent media was addressed with improved state handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. Video self-preview in a webRTC call may be interrupted if the user answers a phone call.
- CVE-2022-22677 has been assigned by
product-sec[email protected] to track the vulnerability - currently rated as MEDIUM severity.
- Affected Vendor/Software:
Apple - macOS version < 12.4
- Affected Vendor/Software:
Apple - macOS version < 15.5
CVSS3 Score: 4.3 - MEDIUM
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
---|---|---|---|
NETWORK | LOW | NONE | REQUIRED |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
UNCHANGED | NONE | LOW | NONE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
About the security content of iOS 15.5 and iPadOS 15.5 - Apple Support | support.apple.com text/html |
![]() |
About the security content of macOS Monterey 12.4 - Apple Support | support.apple.com text/html |
![]() |
Related QID Numbers
- 180889 Debian Security Update for wpewebkit (DSA 5183-1)
- 180890 Debian Security Update for webkit2gtk (DSA 5182-1)
- 182798 Debian Security Update for webkit2gtkwpewebkit (CVE-2022-22677)
- 198864 Ubuntu Security Notification for WebKitGTK Vulnerabilities (USN-5522-1)
- 355438 Amazon Linux Security Advisory for webkitgtk4 : ALAS2-2023-2088
- 376612 Apple macOS Monterey 12.4 Not Installed (HT213257)
- 502418 Alpine Linux Security Update for webkit2gtk-5.0
- 502419 Alpine Linux Security Update for webkit2gtk
- 503276 Alpine Linux Security Update for webkit2gtk-6.0
- 610416 Apple iOS 15.5 and iPadOS 15.5 Security Update Missing (HT213258)
- 710613 Gentoo Linux WebKitGTK+ Multiple Vulnerabilities (GLSA 202208-39)
- 752371 SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2022:2524-1)
- 752372 SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2022:2522-1)
- 752373 SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2022:2525-1)
- 752374 SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2022:2523-1)
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Operating System | Apple | Ipados | All | All | All | All |
Operating System | Apple | Iphone Os | All | All | All | All |
Operating System | Apple | Macos | All | All | All | All |
- cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*:
- cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*:
- cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE
Social Mentions
Source | Title | Posted (UTC) |
---|---|---|
![]() |
OPENBSD_7_1 ajacoutot@ modified www/webkitgtk4: SECURITY update to webkitgtk4-2.36.4. CVE-2022-22662, CVE-2022-22677, CVE-2022-26710 | 2022-07-05 21:55:19 |
![]() |
OPENBSD_7_1 ajacoutot@ modified www/webkitgtk4: SECURITY update to webkitgtk4-2.36.4. CVE-2022-22662, CVE-2022-22677, CVE-2022-26710 | 2022-07-05 21:55:19 |
![]() |
CVE-2022-22677 : A logic issue in the handling of concurrent media was addressed with improved state handling. This… twitter.com/i/web/status/1… | 2022-11-01 20:23:36 |
![]() |
MS-ISAC CYBERSECURITY ADVISORY - Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution - PATCH: NOW | 2022-05-17 13:11:14 |
![]() |
UPDATED MS-ISAC CYBERSECURITY ADVISORY - Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution - PATCH: NOW | 2022-05-18 14:59:44 |