First published: Mon Oct 24 2022(Updated: )
A correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose internal states of the app.
Credit: product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
<13 | 13 | |
Apple iOS | <16.1 | 16.1 |
Apple iPadOS | <16 | 16 |
Apple iOS | <15.7.1 | 15.7.1 |
Apple iPadOS | <15.7.1 | 15.7.1 |
Apple watchOS | <9.1 | 9.1 |
Apple tvOS | <16.1 | 16.1 |
Apple Safari | <16.1 | 16.1 |
Apple Safari | <16.1 | |
Apple iPadOS | <15.7.1 | |
Apple iPhone OS | <15.7.1 | |
Apple iPhone OS | =16.0 | |
Apple macOS | <13.0 | |
Apple tvOS | <16.1 | |
Apple watchOS | <9.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
(Found alongside the following vulnerabilities)
CVE-2022-32923 is a correctness issue in the JIT in WebKit that has been addressed with improved checks.
CVE-2022-32923 affects Apple iOS (up to version 16.1), Apple iPadOS (up to version 16), Apple watchOS (up to version 9.1), Apple Safari (up to version 16.1) and Apple macOS Ventura (up to version 13).
The remedy for CVE-2022-32923 is to update the affected software to the specified versions.
You can find more information about CVE-2022-32923 on the following references: [Link 1](https://support.apple.com/en-us/HT213489), [Link 2](https://support.apple.com/en-us/HT213491), [Link 3](https://support.apple.com/en-us/HT213495).