CVE-2022-42799

MEDIUM

Safari < 16.1 - User Interface Spoofing via Malicious Website

Description

The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface spoofing.

References (13)

Core References
Release Notes, Vendor Advisory
https://support.apple.com/en-us/HT213488
Release Notes, Vendor Advisory
https://support.apple.com/en-us/HT213489
Release Notes, Vendor Advisory
https://support.apple.com/en-us/HT213491
Release Notes, Vendor Advisory
https://support.apple.com/en-us/HT213492
Release Notes, Vendor Advisory
https://support.apple.com/en-us/HT213495
Mailing List, Third Party Advisory mailing-list
http://www.openwall.com/lists/oss-security/2022/11/04/4
Third Party Advisory vendor-advisory
https://www.debian.org/security/2022/dsa-5273
Third Party Advisory vendor-advisory
https://www.debian.org/security/2022/dsa-5274
Mailing List, Third Party Advisory mailing-list
https://lists.debian.org/debian-lts-announce/2022/11/msg00010.html
Third Party Advisory vendor-advisory
https://security.gentoo.org/glsa/202305-32

Scores

CVSS v3 6.1
EPSS 0.0119
EPSS Percentile 63.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-1021
Status published
Products (11)
apple/ipados < 16.0
apple/iphone_os < 16.1
apple/macos < 13.0
apple/safari < 16.1
apple/tvos < 16.1
apple/watchos < 9.1
debian/debian_linux 10.0
debian/debian_linux 11.0
fedoraproject/fedora 35
fedoraproject/fedora 36
... and 1 more
Published Nov 01, 2022
Tracked Since Feb 18, 2026