CVE-2022-22637 - How a Safari Logic Flaw Enabled Dangerous Cross-Origin Web Attacks (and What Was Done About It)
In early 2022, security researchers uncovered a serious vulnerability—CVE-2022-22637—that could allow a malicious website on Safari to bypass cross-origin restrictions. This issue, stemming
CVE-2022-32853 An out-of-bounds read issue was fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, and macOS Monterey 12.5.
This issue is fixed in Security Update 2022-005 Catalina, macOS Mojave 10.14.5, macOS High Sierra 10.13.5, and macOS Sierra 10.12.
CVE-2022-35031 The commit 617837b contained a segmentation violation.
This issue was resolved by updating JavaScriptCore to version 0.9.6.
CVE-2017-5526 An exploitable condition exists in the handling of file:// URLs. By convincing
CVE-2022-32863 Memory corruption issue fixed in Safari 15.6, macOS Monterey 12.5.
This issue is fixed in Safari 15.5, macOS High Sierra 10.13.1. It may be possible to use social engineering techniques to trick
CVE-2022-32912 Out-of-bounds read was fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7.
This issue is addressed with improved memory handling. WebAssembly may be enabled in some JavaScript projects, but there is a risk that the imported code
Episode
00:00:00
00:00:00