What is CVE-2022-22611?

CVE-2022-22611 is a vulnerability in ImageIO that allows for an out-of-bounds read.

What is the severity of CVE-2022-22611?

The severity of CVE-2022-22611 is not specified.

Which software versions are affected by CVE-2022-22611?

iTunes for Windows version up to and including 12.12.3, watchOS version up to and including 8.5, iOS version up to and including 15.4, iPadOS version up to and including 15.4, tvOS version up to and including 15.4, and macOS Monterey version up to and including 12.3 are affected by CVE-2022-22611.

How can CVE-2022-22611 be fixed?

To fix CVE-2022-22611, update to the latest version of the affected software.

Where can I find more information about CVE-2022-22611?

You can find more information about CVE-2022-22611 at the following references: [Reference 1](https://support.apple.com/en-us/HT213186), [Reference 2](https://support.apple.com/en-us/HT213193), [Reference 3](https://support.apple.com/en-us/HT213188).

Vulnerability/
CVE-2022-22611

high

7.8

CWE

20 125

8/3/2022

18/3/2022

3/8/2024

CVE-2022-22611: Input Validation

First published: Tue Mar 08 2022(Updated: )

ImageIO. An out-of-bounds read was addressed with improved input validation.

Credit: Xingyu Jin GoogleXingyu Jin GoogleXingyu Jin GoogleXingyu Jin GoogleXingyu Jin Google product-security@apple.com

Affected Software	Affected Version	How to fix
Apple iTunes for Windows	<12.12.3	12.12.3
Apple macOS Monterey	<12.3	12.3
Apple watchOS	<8.5	8.5
Apple tvOS	<15.4	15.4
Apple iOS	<15.4	15.4
Apple iPadOS	<15.4	15.4
Apple Itunes Windows	<12.12.3
Apple iPadOS	<15.4
Apple iPhone OS	<15.4
Apple macOS	>=12.0<12.3
Apple tvOS	<15.4
Apple watchOS	<8.5

Never miss a vulnerability like this again

Reference Links

https://support.apple.com/en-us/HT213182 (Advisory)
https://support.apple.com/en-us/HT213183 (Advisory)
https://support.apple.com/en-us/HT213186 (Advisory)
https://support.apple.com/en-us/HT213188 (Advisory)
https://support.apple.com/en-us/HT213193 (Advisory)

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2022-22611
CVE-2022-22612
CVE-2022-22662
CVE-2022-22629
CVE-2022-22633
CVE-2022-22669
CVE-2022-22665
CVE-2022-22630
CVE-2022-22631
CVE-2022-22625
CVE-2022-22648
CVE-2022-22626
CVE-2022-22627
CVE-2022-22597
CVE-2022-22616
CVE-2022-22663
CVE-2022-26691
CVE-2021-22946
CVE-2021-22947
CVE-2021-22945
CVE-2022-22643
CVE-2022-22657
CVE-2022-22664
CVE-2021-30977
CVE-2022-46706
CVE-2022-22661
CVE-2022-22641
CVE-2022-22613
CVE-2022-22614
CVE-2022-22615
CVE-2022-22632
CVE-2022-22638
CVE-2022-22640
CVE-2021-30946
CVE-2021-36976
CVE-2022-21658
CVE-2022-22647
CVE-2022-22656
CVE-2022-22672
CVE-2022-22644
CVE-2022-26690
CVE-2022-26688
CVE-2022-22617
CVE-2022-22609
CVE-2022-22650
CVE-2022-22655
CVE-2022-22600
CVE-2022-22599
CVE-2022-22651
CVE-2022-22639
CVE-2022-22660
CVE-2022-22621
CVE-2021-4136
CVE-2021-4166
CVE-2021-4173
CVE-2021-4187
CVE-2021-4192
CVE-2021-4193
CVE-2021-46059
CVE-2022-0128
CVE-2022-0156
CVE-2022-0158
CVE-2021-30918
CVE-2022-22610
CVE-2022-22624
CVE-2022-22628
CVE-2022-22637
CVE-2022-22668
CVE-2022-22582
CVE-2022-22666
CVE-2022-22596
CVE-2022-22670
CVE-2022-22618
CVE-2022-22654
CVE-2022-22634
CVE-2022-22635
CVE-2022-22636
CVE-2022-22652
CVE-2022-22598
CVE-2022-22642
CVE-2022-22667
CVE-2022-22653
CVE-2022-22622
CVE-2022-22659
CVE-2022-22671

Frequently Asked Questions

What is CVE-2022-22611?
CVE-2022-22611 is a vulnerability in ImageIO that allows for an out-of-bounds read.
What is the severity of CVE-2022-22611?
The severity of CVE-2022-22611 is not specified.
Which software versions are affected by CVE-2022-22611?
iTunes for Windows version up to and including 12.12.3, watchOS version up to and including 8.5, iOS version up to and including 15.4, iPadOS version up to and including 15.4, tvOS version up to and including 15.4, and macOS Monterey version up to and including 12.3 are affected by CVE-2022-22611.
How can CVE-2022-22611 be fixed?
To fix CVE-2022-22611, update to the latest version of the affected software.
Where can I find more information about CVE-2022-22611?
You can find more information about CVE-2022-22611 at the following references: [Reference 1](https://support.apple.com/en-us/HT213186), [Reference 2](https://support.apple.com/en-us/HT213193), [Reference 3](https://support.apple.com/en-us/HT213188).

collector/apple-support
agent/type
agent/last-modified-date
agent/first-publish-date
agent/software-canonical-lookup-request
agent/references
agent/weakness
agent/severity
agent/author
agent/description
agent/event
collector/nvd-index
agent/softwarecombine
agent/tags
collector/mitre-cve
source/MITRE
vendor/apple
canonical/apple itunes for windows
canonical/apple macos monterey
canonical/apple watchos
canonical/apple tvos
canonical/apple ios
canonical/apple ipados
canonical/apple itunes windows
canonical/apple iphone os
canonical/apple macos
version/apple macos/12.0