{"api_version":"1","generated_at":"2026-04-23T01:00:17+00:00","cve":"CVE-2022-32912","urls":{"html":"https://cve.report/CVE-2022-32912","api":"https://cve.report/api/cve/CVE-2022-32912.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-32912","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-32912"},"summary":{"title":"CVE-2022-32912","description":"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution.","state":"PUBLIC","assigner":"product-security@apple.com","published_at":"2022-09-20 21:15:00","updated_at":"2022-12-07 03:11:00"},"problem_types":["CWE-125"],"metrics":[],"references":[{"url":"http://seclists.org/fulldisclosure/2022/Oct/41","name":"20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://seclists.org/fulldisclosure/2022/Oct/49","name":"20221030 APPLE-SA-2022-10-27-13 watchOS 9","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2022-10-27-13 watchOS 9","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://seclists.org/fulldisclosure/2022/Oct/40","name":"20221030 APPLE-SA-2022-10-27-4 Additional information for APPLE-SA-2022-09-12-2 iOS 15.7 and iPadOS 15.7","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2022-10-27-4 Additional information for APPLE-SA-2022-09-12-2 iOS 15.7 and iPadOS 15.7","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://support.apple.com/en-us/HT213446","name":"https://support.apple.com/en-us/HT213446","refsource":"MISC","tags":[],"title":"About the security content of iOS 16 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2022/Oct/39","name":"20221030 APPLE-SA-2022-10-27-3 Additional information for APPLE-SA-2022-09-12-1 iOS 16","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2022-10-27-3 Additional information for APPLE-SA-2022-09-12-1 iOS 16","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2022/Oct/28","name":"20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2022-10-24-2 macOS Ventura 13","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2022/Oct/50","name":"20221030 APPLE-SA-2022-10-27-14 Additional information for APPLE-SA-2022-09-12-5 Safari 16","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2022-10-27-14 Additional information for APPLE-SA-2022-09-12-5 Safari 16","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://support.apple.com/en-us/HT213442","name":"https://support.apple.com/en-us/HT213442","refsource":"MISC","tags":[],"title":"About the security content of Safari 16 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/en-us/HT213445","name":"https://support.apple.com/en-us/HT213445","refsource":"MISC","tags":[],"title":"About the security content of iOS 15.7 and iPadOS 15.7 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2022/Oct/47","name":"20221030 APPLE-SA-2022-10-27-11 tvOS 16","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2022-10-27-11 tvOS 16","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-32912","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-32912","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"32912","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"ipados","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"32912","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"iphone_os","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"32912","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apple","cpe5":"safari","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2022-32912","qid":"376979","title":"Apple Safari Multiple Vulnerabilities (HT213442)"},{"cve":"CVE-2022-32912","qid":"610446","title":"Apple iOS 16 Security Update Missing"},{"cve":"CVE-2022-32912","qid":"610447","title":"Apple iOS 15.7 and iPadOS 15.7 Security Update Missing"},{"cve":"CVE-2022-32912","qid":"610448","title":"Apple iOS 15.7 and iPadOS 15.7 Security Update Missing"},{"cve":"CVE-2022-32912","qid":"752646","title":"SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2022:3488-1)"},{"cve":"CVE-2022-32912","qid":"752647","title":"SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2022:3492-1)"},{"cve":"CVE-2022-32912","qid":"752649","title":"SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2022:3502-1)"},{"cve":"CVE-2022-32912","qid":"752658","title":"SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2022:3538-1)"},{"cve":"CVE-2022-32912","qid":"753948","title":"SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2023:2056-1)"},{"cve":"CVE-2022-32912","qid":"753959","title":"SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2023:2078-1)"},{"cve":"CVE-2022-32912","qid":"753960","title":"SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2023:2077-1)"}]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2022-32912","ASSIGNER":"product-security@apple.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Apple","product":{"product_data":[{"product_name":"iOS","version":{"version_data":[{"version_affected":"<","version_value":"16"}]}},{"product_name":"Safari","version":{"version_data":[{"version_affected":"<","version_value":"16"}]}},{"product_name":"iOS and iPadOS","version":{"version_data":[{"version_affected":"<","version_value":"15.7"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Processing maliciously crafted web content may lead to arbitrary code execution"}]}]},"references":{"reference_data":[{"refsource":"MISC","url":"https://support.apple.com/en-us/HT213446","name":"https://support.apple.com/en-us/HT213446"},{"refsource":"MISC","url":"https://support.apple.com/en-us/HT213445","name":"https://support.apple.com/en-us/HT213445"},{"refsource":"MISC","url":"https://support.apple.com/en-us/HT213442","name":"https://support.apple.com/en-us/HT213442"},{"refsource":"FULLDISC","name":"20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13","url":"http://seclists.org/fulldisclosure/2022/Oct/41"},{"refsource":"FULLDISC","name":"20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13","url":"http://seclists.org/fulldisclosure/2022/Oct/28"},{"refsource":"FULLDISC","name":"20221030 APPLE-SA-2022-10-27-3 Additional information for APPLE-SA-2022-09-12-1 iOS 16","url":"http://seclists.org/fulldisclosure/2022/Oct/39"},{"refsource":"FULLDISC","name":"20221030 APPLE-SA-2022-10-27-4 Additional information for APPLE-SA-2022-09-12-2 iOS 15.7 and iPadOS 15.7","url":"http://seclists.org/fulldisclosure/2022/Oct/40"},{"refsource":"FULLDISC","name":"20221030 APPLE-SA-2022-10-27-13 watchOS 9","url":"http://seclists.org/fulldisclosure/2022/Oct/49"},{"refsource":"FULLDISC","name":"20221030 APPLE-SA-2022-10-27-14 Additional information for APPLE-SA-2022-09-12-5 Safari 16","url":"http://seclists.org/fulldisclosure/2022/Oct/50"},{"refsource":"FULLDISC","name":"20221030 APPLE-SA-2022-10-27-11 tvOS 16","url":"http://seclists.org/fulldisclosure/2022/Oct/47"}]},"description":{"description_data":[{"lang":"eng","value":"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution."}]}},"nvd":{"publishedDate":"2022-09-20 21:15:00","lastModifiedDate":"2022-12-07 03:11:00","problem_types":["CWE-125"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*","versionEndExcluding":"15.7","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","versionEndExcluding":"15.7","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*","versionEndExcluding":"16.0","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}