CVE-2022-22637 - How a Safari Logic Flaw Enabled Dangerous Cross-Origin Web Attacks (and What Was Done About It)
In early 2022, security researchers uncovered a serious vulnerability—CVE-2022-22637—that could allow a malicious website on Safari to bypass cross-origin restrictions. This issue, stemming
CVE-2022-32815 The issue with memory handling in iOS and iPadOS 15.6 and later was fixed. Catalina Security Update 2022-005 addresses memory handling in Mac OS.
This issue was addressed by restricting root access to app binaries only. We are aware of reports of app developers enabling root access to their
CVE-2022-32816 The issue was fixed in watchOS 8.7, tvOS 15.6, iOS 15.6, and iPadOS 15.6.
Visiting a website that frames malicious content may lead to UI spoofing. This issue was addressed with improved UI handling. This issue is fixed in
CVE-2022-32799 Fixed an out-of-bounds read issue in Security Update 2022-005 Catalina, macOS Monterey 12.5.
An issue where installing a system update stopped some applications from starting was resolved. An issue that could cause some system services or daemons to
CVE-2022-32841 The issue was fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5.
An attacker can leverage this issue to bypass code signing and execute arbitrary code on the impacted device. An attacker can also spoof an image