Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-rquw-cmsc-tka8
Vulnerability ID VCID-rquw-cmsc-tka8
Aliases CVE-2022-32893
Summary Multiple vulnerabilities have been found in WebkitGTK+, the worst of which could result in the arbitrary execution of code.
Status Published
Exploitability 2.0
Weighted Severity 7.9
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-787 Out-of-bounds Write
System Score Found at
cvssv3 8.8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32893.json
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2022-32893
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2022-32893
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2022-32893
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2022-32893
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2022-32893
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2022-32893
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2022-32893
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2022-32893
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2022-32893
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2022-32893
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2022-32893
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2022-32893
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2022-32893
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2022-32893
cvssv3.1 8.8 http://seclists.org/fulldisclosure/2022/Aug/16
ssvc Attend http://seclists.org/fulldisclosure/2022/Aug/16
cvssv3.1 8.8 http://seclists.org/fulldisclosure/2022/Oct/49
ssvc Attend http://seclists.org/fulldisclosure/2022/Oct/49
cvssv3.1 8.8 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 8.8 https://lists.debian.org/debian-lts-announce/2022/08/msg00019.html
ssvc Attend https://lists.debian.org/debian-lts-announce/2022/08/msg00019.html
cvssv3.1 8.8 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7SETAAXEPGNBMYKTUDFEZHS5LGSQ64QL/
ssvc Attend https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7SETAAXEPGNBMYKTUDFEZHS5LGSQ64QL/
cvssv3.1 8.8 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YKJGV2EXVMYQW3OAJNI4WUTKKVMD2YYK/
ssvc Attend https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YKJGV2EXVMYQW3OAJNI4WUTKKVMD2YYK/
archlinux Unknown https://security.archlinux.org/AVG-2819
archlinux Unknown https://security.archlinux.org/AVG-2820
cvssv3.1 8.8 https://security.gentoo.org/glsa/202208-39
ssvc Attend https://security.gentoo.org/glsa/202208-39
cvssv3.1 8.8 https://support.apple.com/en-us/HT213412
ssvc Attend https://support.apple.com/en-us/HT213412
cvssv3.1 8.8 https://support.apple.com/en-us/HT213413
ssvc Attend https://support.apple.com/en-us/HT213413
cvssv3.1 8.8 https://support.apple.com/en-us/HT213414
ssvc Attend https://support.apple.com/en-us/HT213414
cvssv3.1 8.8 https://www.debian.org/security/2022/dsa-5219
ssvc Attend https://www.debian.org/security/2022/dsa-5219
cvssv3.1 8.8 https://www.debian.org/security/2022/dsa-5220
ssvc Attend https://www.debian.org/security/2022/dsa-5220
cvssv3.1 8.8 http://www.openwall.com/lists/oss-security/2022/08/25/5
ssvc Attend http://www.openwall.com/lists/oss-security/2022/08/25/5
cvssv3.1 8.8 http://www.openwall.com/lists/oss-security/2022/08/26/2
ssvc Attend http://www.openwall.com/lists/oss-security/2022/08/26/2
cvssv3.1 8.8 http://www.openwall.com/lists/oss-security/2022/08/29/1
ssvc Attend http://www.openwall.com/lists/oss-security/2022/08/29/1
cvssv3.1 8.8 http://www.openwall.com/lists/oss-security/2022/08/29/2
ssvc Attend http://www.openwall.com/lists/oss-security/2022/08/29/2
cvssv3.1 8.8 http://www.openwall.com/lists/oss-security/2022/09/02/10
ssvc Attend http://www.openwall.com/lists/oss-security/2022/09/02/10
cvssv3.1 8.8 http://www.openwall.com/lists/oss-security/2022/09/13/1
ssvc Attend http://www.openwall.com/lists/oss-security/2022/09/13/1
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32893.json
https://api.first.org/data/v1/epss?cve=CVE-2022-32893
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32893
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
1 http://www.openwall.com/lists/oss-security/2022/08/29/1
1 http://www.openwall.com/lists/oss-security/2022/09/13/1
10 http://www.openwall.com/lists/oss-security/2022/09/02/10
16 http://seclists.org/fulldisclosure/2022/Aug/16
2 http://www.openwall.com/lists/oss-security/2022/08/26/2
2 http://www.openwall.com/lists/oss-security/2022/08/29/2
2121645 https://bugzilla.redhat.com/show_bug.cgi?id=2121645
49 http://seclists.org/fulldisclosure/2022/Oct/49
5 http://www.openwall.com/lists/oss-security/2022/08/25/5
7SETAAXEPGNBMYKTUDFEZHS5LGSQ64QL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7SETAAXEPGNBMYKTUDFEZHS5LGSQ64QL/
AVG-2819 https://security.archlinux.org/AVG-2819
AVG-2820 https://security.archlinux.org/AVG-2820
dsa-5219 https://www.debian.org/security/2022/dsa-5219
dsa-5220 https://www.debian.org/security/2022/dsa-5220
GLSA-202208-39 https://security.gentoo.org/glsa/202208-39
HT213412 https://support.apple.com/en-us/HT213412
HT213413 https://support.apple.com/en-us/HT213413
HT213414 https://support.apple.com/en-us/HT213414
msg00019.html https://lists.debian.org/debian-lts-announce/2022/08/msg00019.html
RHSA-2022:6540 https://access.redhat.com/errata/RHSA-2022:6540
RHSA-2022:6634 https://access.redhat.com/errata/RHSA-2022:6634
RHSA-2025:10364 https://access.redhat.com/errata/RHSA-2025:10364
USN-5611-1 https://usn.ubuntu.com/5611-1/
YKJGV2EXVMYQW3OAJNI4WUTKKVMD2YYK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YKJGV2EXVMYQW3OAJNI4WUTKKVMD2YYK/
Data source KEV
Date added Aug. 18, 2022
Description Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow for remote code execution when processing malicious crafted web content.
Required action Apply updates per vendor instructions.
Due date Sept. 8, 2022
Note 
https://support.apple.com/en-gb/HT213412, https://support.apple.com/en-gb/HT213413;  https://nvd.nist.gov/vuln/detail/CVE-2022-32893
Ransomware campaign use Unknown
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32893.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://seclists.org/fulldisclosure/2022/Aug/16
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T16:26:40Z/ Found at http://seclists.org/fulldisclosure/2022/Aug/16
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://seclists.org/fulldisclosure/2022/Oct/49
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T16:26:40Z/ Found at http://seclists.org/fulldisclosure/2022/Oct/49
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.debian.org/debian-lts-announce/2022/08/msg00019.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T16:26:40Z/ Found at https://lists.debian.org/debian-lts-announce/2022/08/msg00019.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7SETAAXEPGNBMYKTUDFEZHS5LGSQ64QL/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T16:26:40Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7SETAAXEPGNBMYKTUDFEZHS5LGSQ64QL/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YKJGV2EXVMYQW3OAJNI4WUTKKVMD2YYK/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T16:26:40Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YKJGV2EXVMYQW3OAJNI4WUTKKVMD2YYK/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://security.gentoo.org/glsa/202208-39
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T16:26:40Z/ Found at https://security.gentoo.org/glsa/202208-39
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT213412
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T16:26:40Z/ Found at https://support.apple.com/en-us/HT213412
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT213413
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T16:26:40Z/ Found at https://support.apple.com/en-us/HT213413
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT213414
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T16:26:40Z/ Found at https://support.apple.com/en-us/HT213414
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.debian.org/security/2022/dsa-5219
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T16:26:40Z/ Found at https://www.debian.org/security/2022/dsa-5219
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.debian.org/security/2022/dsa-5220
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T16:26:40Z/ Found at https://www.debian.org/security/2022/dsa-5220
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2022/08/25/5
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T16:26:40Z/ Found at http://www.openwall.com/lists/oss-security/2022/08/25/5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2022/08/26/2
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T16:26:40Z/ Found at http://www.openwall.com/lists/oss-security/2022/08/26/2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2022/08/29/1
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T16:26:40Z/ Found at http://www.openwall.com/lists/oss-security/2022/08/29/1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2022/08/29/2
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T16:26:40Z/ Found at http://www.openwall.com/lists/oss-security/2022/08/29/2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2022/09/02/10
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T16:26:40Z/ Found at http://www.openwall.com/lists/oss-security/2022/09/02/10
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.openwall.com/lists/oss-security/2022/09/13/1
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T16:26:40Z/ Found at http://www.openwall.com/lists/oss-security/2022/09/13/1
Exploit Prediction Scoring System (EPSS)
Percentile 0.37313
EPSS Score 0.00163
Published At April 2, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:14:51.497255+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/202208-39 38.0.0