CVE-2022-32851: Input Validation
First published: Wed Jul 20 2022(Updated: )
AppleScript. An out-of-bounds read issue was addressed with improved input validation.
Credit: Ye Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu Security product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple Catalina | ||
| Apple macOS Big Sur | <11.6.8 | 11.6.8 |
| Apple Mac OS X | =10.15.7-security_update_2020-001 | |
| Apple Mac OS X | =10.15.7-security_update_2021-001 | |
| Apple Mac OS X | =10.15.7-security_update_2021-002 | |
| Apple Mac OS X | =10.15.7-security_update_2021-003 | |
| Apple Mac OS X | =10.15.7-security_update_2021-004 | |
| Apple Mac OS X | =10.15.7-security_update_2021-005 | |
| Apple Mac OS X | =10.15.7-security_update_2021-006 | |
| Apple Mac OS X | =10.15.7-security_update_2021-007 | |
| Apple Mac OS X | =10.15.7-security_update_2021-008 | |
| Apple Mac OS X | =10.15.7-security_update_2022-001 | |
| Apple Mac OS X | =10.15.7-security_update_2022-002 | |
| Apple Mac OS X | =10.15.7-security_update_2022-003 | |
| Apple macOS | <10.15.7 | |
| Apple macOS | >=11.0<11.6.8 | |
| Apple macOS | >=12.0<12.5 | |
| Apple macOS | =10.15.7 | |
| Apple macOS | =10.15.7-security_update_2022-004 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT213343 (Advisory)
- https://support.apple.com/en-us/HT213344 (Advisory)
- https://support.apple.com/en-us/HT213345 (Advisory)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2022-32832
- CVE-2022-32826
- CVE-2022-32797
- CVE-2022-32853
- CVE-2022-32851
- CVE-2022-32831
- CVE-2022-32910
- CVE-2022-32820
- CVE-2022-32805
- CVE-2022-32849
- CVE-2022-32839
- CVE-2022-32781
- CVE-2022-32819
- CVE-2022-32787
- CVE-2022-32785
- CVE-2022-32812
- CVE-2022-32811
- CVE-2022-32815
- CVE-2022-32813
- CVE-2021-30946
- CVE-2022-32823
- CVE-2022-32786
- CVE-2022-32800
- CVE-2022-32838
- CVE-2022-32843
- CVE-2022-32842
- CVE-2022-32799
- CVE-2022-32857
- CVE-2022-32807
- CVE-2022-26704
- CVE-2022-32834
- CVE-2021-4136
- CVE-2021-4166
- CVE-2021-4173
- CVE-2021-4187
- CVE-2021-4192
- CVE-2021-4193
- CVE-2021-46059
- CVE-2022-0128
- CVE-2022-32860
- CVE-2022-32837
- CVE-2022-32847
- CVE-2022-32825
- CVE-2022-32814
- CVE-2022-0156
- CVE-2022-0158
- CVE-2022-32848
- CVE-2022-42858
- CVE-2022-32788
- CVE-2022-32880
- CVE-2022-42805
- CVE-2022-32948
- CVE-2022-32810
- CVE-2022-32840
- CVE-2022-32845
- CVE-2022-48578
- CVE-2022-32852
- CVE-2022-32789
- CVE-2022-32828
- CVE-2022-32793
- CVE-2022-32821
- CVE-2022-32897
- CVE-2022-32802
- CVE-2022-32841
- CVE-2022-48503
- CVE-2022-32817
- CVE-2022-32829
- CVE-2022-26981
- CVE-2022-46708
- CVE-2022-32796
- CVE-2022-32798
- CVE-2022-32818
- CVE-2022-32801
- CVE-2021-28544
- CVE-2022-24070
- CVE-2022-29046
- CVE-2022-29048
- CVE-2022-32933
- CVE-2022-32885
- CVE-2022-32861
- CVE-2022-32863
- CVE-2022-32816
- CVE-2022-32792
- CVE-2022-2294
Frequently Asked Questions
What is the vulnerability ID for this AppleScript issue?
The vulnerability ID for this AppleScript issue is CVE-2022-32851.
What is the description of this vulnerability?
This vulnerability is an out-of-bounds read issue in AppleScript that has been addressed with improved input validation.
Which software versions are affected by this vulnerability?
This vulnerability affects Apple macOS Catalina, macOS Big Sur (up until version 11.6.8), and macOS Monterey (up until version 12.5).
How can I fix this vulnerability?
To fix this vulnerability, update your macOS to the latest available version. Refer to the Apple support links provided for more information.
What is the Common Weakness Enumeration (CWE) ID for this vulnerability?
The Common Weakness Enumeration (CWE) ID for this vulnerability is CWE-20.
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/apple-support
- alias/CVE-2022-32851
- agent/software-canonical-lookup-request
- source/Apple
- alias/CVE-2022-32852
- alias/CVE-2022-32853
- agent/software-canonical-lookup
- collector/nvd-index
- vendor/apple
- canonical/apple catalina
- canonical/apple macos big sur
- canonical/apple macos monterey
- canonical/apple mac os x
- version/apple mac os x/10.15.7-security_update_2020-001
- version/apple mac os x/10.15.7-security_update_2021-001
- version/apple mac os x/10.15.7-security_update_2021-002
- version/apple mac os x/10.15.7-security_update_2021-003
- version/apple mac os x/10.15.7-security_update_2021-004
- version/apple mac os x/10.15.7-security_update_2021-005
- version/apple mac os x/10.15.7-security_update_2021-006
- version/apple mac os x/10.15.7-security_update_2021-007
- version/apple mac os x/10.15.7-security_update_2021-008
- version/apple mac os x/10.15.7-security_update_2022-001
- version/apple mac os x/10.15.7-security_update_2022-002
- version/apple mac os x/10.15.7-security_update_2022-003
- canonical/apple macos
- version/apple macos/11.0
- version/apple macos/12.0
- version/apple macos/10.15.7
- version/apple macos/10.15.7-security_update_2022-004