CVE-2022-22633 Improved state management was addressed in watchOS 8.5, iOS 15.4, and iPadOS 15.4, macOS Big Sur 11.6.5.

CVE-2022-22633 Improved state management was addressed in watchOS 8.5, iOS 15.4, and iPadOS 15.4, macOS Big Sur 11.6.5.

This issue is fixed in watchOS 8.5, iOS 15.4, and iPadOS 15.4, macOS Big Sur 11.6.5, and macOS Monterey 12.3. An issue where an application may be unexpectedly terminated while attempting to load malicious PDF files has also been addressed. This issue may also be exploited to cause application crashes.

An information disclosure issue was addressed with improved input validation. This issue may be exploited to leak sensitive data, such as credit card information. This may be especially problematic for PDFs that require a password to access, as the password will be revealed to the user. This issue is fixed in watchOS 8.5, iOS 15.4, and iPadOS 15.4, macOS Big Sur 11.6.5, and macOS Monterey 12.3. An issue where applications may reveal the URL of malicious websites to the user has also been fixed. An issue where a specific URL may be displayed in the app switcher may lead to information disclosure. This issue is fixed in watchOS 8.5, iOS 15.4, and iPadOS 15.4, macOS Big Sur 11.6.5, and macOS Monterey 12.3. An issue with parsing certain malformed URLs in SIPs has also been addressed. An uninitialized pointer may lead to information disclosure. This issue is fixed in watchOS 8.5, iOS 15.4, and iPadOS 15.4, macOS Big Sur 11.

New Features and Improvements

- iOS 15.4 and watchOS 8.5 (and later) includes new features, improvements, and bug fixes for Apple Watch.

- iPadOS 15.4 includes new features, improvements, and bug fixes for iPad.

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe