First published: Mon Oct 24 2022(Updated: )
A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose sensitive user information.
Credit: product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
<13 | 13 | |
Apple iOS | <16.1 | 16.1 |
Apple iPadOS | <16 | 16 |
Apple watchOS | <9.1 | 9.1 |
Apple tvOS | <16.1 | 16.1 |
Apple Safari | <16.1 | 16.1 |
Apple Safari | <16.1 | |
Apple iPadOS | <16.0 | |
Apple iPhone OS | <16.1 | |
Apple macOS | <13.0 | |
Apple tvOS | <16.1 | |
Apple watchOS | <9.1 | |
Fedoraproject Fedora | =35 | |
Fedoraproject Fedora | =36 | |
Fedoraproject Fedora | =37 | |
Debian Debian Linux | =10.0 | |
Debian Debian Linux | =11.0 | |
debian/webkit2gtk | <=2.36.4-1~deb10u1 | 2.38.6-0+deb10u1 2.40.5-1~deb11u1 2.42.1-1~deb11u2 2.40.5-1~deb12u1 2.42.1-1~deb12u1 2.42.1-2 |
debian/wpewebkit | 2.38.6-1~deb11u1 2.38.6-1 2.42.1-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2022-42824 is a logic issue in WebKit that has been addressed with improved state management.
CVE-2022-42824 affects Apple iOS 16.1, Apple iPadOS 16, Apple watchOS 9.1, Apple Safari 16.1, Apple tvOS 16.1, and macOS Ventura up to version 13.
To fix CVE-2022-42824, update your Apple iOS, iPadOS, watchOS, Safari, tvOS, or macOS Ventura to the recommended versions provided by Apple.
You can find more information about CVE-2022-42824 on the following Apple support pages: [support.apple.com/en-us/HT213489](support.apple.com/en-us/HT213489), [support.apple.com/en-us/HT213491](support.apple.com/en-us/HT213491), [support.apple.com/en-us/HT213495](support.apple.com/en-us/HT213495)