CVE-2022-22594

MEDIUM

iOS <15.3 - Info Disclosure

Title source: llm

Description

A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. A website may be able to track sensitive user information.

References (5)

Scores

CVSS v3 6.5
EPSS 0.0022
EPSS Percentile 44.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Classification

CWE
CWE-346
Status published

Affected Products (6)

apple/safari < 15.3
apple/ipados < 15.3
apple/iphone_os < 15.3
apple/macos < 12.2
apple/tvos < 15.3
apple/watchos < 8.4

Timeline

Published Mar 18, 2022
Tracked Since Feb 18, 2026