Home > Vulnerability Database > CVE-2022-42823

Mend.io Vulnerability Database

CVE-2022-42823

Date: October 31, 2022

A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may lead to arbitrary code execution.

Severity Score

8.8

Related Resources (20)

Url: https://access.redhat.com/security/cve/CVE-2022-42823

Url: https://nvd.nist.gov/vuln/detail/CVE-2022-42823

Url: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JOFKX6BUEJFECSVFV6P5INQCOYQBB4NZ/

Url: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AQKLEGJK3LHAKUQOLBHNR2DI3IUGLLTY/

Url: https://lists.debian.org/debian-lts-announce/2022/11/msg00010.html

Url: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LF4LYP725XZ7RWOPFUV6DGPN4Q5DUU4/

Url: http://www.openwall.com/lists/oss-security/2022/11/04/4

Url: https://security-tracker.debian.org/tracker/CVE-2022-42823

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5LF4LYP725XZ7RWOPFUV6DGPN4Q5DUU4/

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AQKLEGJK3LHAKUQOLBHNR2DI3IUGLLTY/

Url: https://support.apple.com/en-us/HT213492

Url: https://support.apple.com/en-us/HT213491

Url: https://support.apple.com/en-us/HT213495

Url: https://support.apple.com/en-us/HT213489

Url: https://support.apple.com/en-us/HT213488

Url: https://security.gentoo.org/glsa/202305-32

Url: https://www.debian.org/security/2022/dsa-5274

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JOFKX6BUEJFECSVFV6P5INQCOYQBB4NZ/

Url: https://www.debian.org/security/2022/dsa-5273

Url: https://www.mend.io/vulnerability-database/CVE-2022-42823

Severity Score

8.8

Weakness Type (CWE)

Access of Resource Using Incompatible Type ('Type Confusion')

CWE-843

CVSS v3.1

Base Score:	8.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2022-42823

Date: October 31, 2022

Severity Score

Related Resources (20)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?