CVE-2022-22662

MEDIUM

macOS 10.15-10.15.6 - Unprotected User Data Exposure via Cookie Management Issue

Title source: llm
STIX 2.1

Description

A cookie management issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5. Processing maliciously crafted web content may disclose sensitive user information.

References (6)

Core 6
Core References
Release Notes, Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT213184
Release Notes, Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT213185
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2022/07/05/3
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/202208-39

Scores

CVSS v3 6.5
EPSS 0.0026
EPSS Percentile 49.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Details

Status published
Products (5)
apple/mac_os_x 10.15.7 (14 CPE variants)
apple/mac_os_x 10.15 - 10.15.7
apple/macos 11.0 - 11.6.5
fedoraproject/fedora 35
fedoraproject/fedora 36
Published May 26, 2022
Tracked Since Feb 18, 2026