Search for vulnerabilities
Vulnerability details: VCID-8mxq-zkdn-aaak
Vulnerability ID VCID-8mxq-zkdn-aaak
Aliases CVE-2022-22637
Summary A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4 and iPadOS 15.4, tvOS 15.4. A malicious website may cause unexpected cross-origin behavior.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2022:1777
cvssv3 8.8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22637.json
epss 0.00101 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00101 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00101 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00101 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00101 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00101 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00101 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00101 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00101 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00101 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00101 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00101 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00101 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00101 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00101 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00101 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00101 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00101 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00101 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00101 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00101 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00101 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.0012 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00328 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00328 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00328 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00328 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00328 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00328 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00328 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00328 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00328 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00328 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00328 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00328 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00328 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00328 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00328 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00328 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00671 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=2073903
cvssv3.1 6.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-22637
cvssv3.1 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-22637
archlinux High https://security.archlinux.org/AVG-2703
cvssv3.1 8.8 https://support.apple.com/en-us/HT213182
ssvc Track https://support.apple.com/en-us/HT213182
cvssv3.1 8.8 https://support.apple.com/en-us/HT213183
ssvc Track https://support.apple.com/en-us/HT213183
cvssv3.1 8.8 https://support.apple.com/en-us/HT213186
ssvc Track https://support.apple.com/en-us/HT213186
cvssv3.1 8.8 https://support.apple.com/en-us/HT213187
ssvc Track https://support.apple.com/en-us/HT213187
cvssv3.1 8.8 https://support.apple.com/en-us/HT213193
ssvc Track https://support.apple.com/en-us/HT213193
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22637.json
https://api.first.org/data/v1/epss?cve=CVE-2022-22637
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30934
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30936
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30951
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30952
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30953
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30954
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30984
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22594
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22637
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://support.apple.com/en-us/HT213182
https://support.apple.com/en-us/HT213183
https://support.apple.com/en-us/HT213186
https://support.apple.com/en-us/HT213187
https://support.apple.com/en-us/HT213193
2073903 https://bugzilla.redhat.com/show_bug.cgi?id=2073903
AVG-2703 https://security.archlinux.org/AVG-2703
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
CVE-2022-22637 https://nvd.nist.gov/vuln/detail/CVE-2022-22637
RHSA-2022:1777 https://access.redhat.com/errata/RHSA-2022:1777
USN-5394-1 https://usn.ubuntu.com/5394-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22637.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-22637
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-22637
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT213182
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-22T15:51:39Z/ Found at https://support.apple.com/en-us/HT213182
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT213183
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-22T15:51:39Z/ Found at https://support.apple.com/en-us/HT213183
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT213186
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-22T15:51:39Z/ Found at https://support.apple.com/en-us/HT213186
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT213187
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-22T15:51:39Z/ Found at https://support.apple.com/en-us/HT213187
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT213193
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-22T15:51:39Z/ Found at https://support.apple.com/en-us/HT213193
Exploit Prediction Scoring System (EPSS)
Percentile 0.29124
EPSS Score 0.00101
Published At May 23, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.