Search for vulnerabilities
Vulnerability details: VCID-v8qh-wyy5-s3fr
Vulnerability ID VCID-v8qh-wyy5-s3fr
Aliases CVE-2022-46698
Summary A logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may disclose sensitive user information.
Status Published
Exploitability 0.5
Weighted Severity 5.9
Risk 3.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
System Score Found at
cvssv3 6.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46698.json
epss 0.00424 https://api.first.org/data/v1/epss?cve=CVE-2022-46698
epss 0.00424 https://api.first.org/data/v1/epss?cve=CVE-2022-46698
epss 0.00424 https://api.first.org/data/v1/epss?cve=CVE-2022-46698
epss 0.00424 https://api.first.org/data/v1/epss?cve=CVE-2022-46698
epss 0.00424 https://api.first.org/data/v1/epss?cve=CVE-2022-46698
epss 0.00424 https://api.first.org/data/v1/epss?cve=CVE-2022-46698
epss 0.00424 https://api.first.org/data/v1/epss?cve=CVE-2022-46698
epss 0.00424 https://api.first.org/data/v1/epss?cve=CVE-2022-46698
epss 0.00424 https://api.first.org/data/v1/epss?cve=CVE-2022-46698
epss 0.00424 https://api.first.org/data/v1/epss?cve=CVE-2022-46698
epss 0.00424 https://api.first.org/data/v1/epss?cve=CVE-2022-46698
epss 0.00424 https://api.first.org/data/v1/epss?cve=CVE-2022-46698
epss 0.00424 https://api.first.org/data/v1/epss?cve=CVE-2022-46698
epss 0.00424 https://api.first.org/data/v1/epss?cve=CVE-2022-46698
epss 0.0046 https://api.first.org/data/v1/epss?cve=CVE-2022-46698
epss 0.0046 https://api.first.org/data/v1/epss?cve=CVE-2022-46698
epss 0.0046 https://api.first.org/data/v1/epss?cve=CVE-2022-46698
epss 0.0046 https://api.first.org/data/v1/epss?cve=CVE-2022-46698
cvssv3.1 6.5 http://seclists.org/fulldisclosure/2022/Dec/20
ssvc Track http://seclists.org/fulldisclosure/2022/Dec/20
cvssv3.1 6.5 http://seclists.org/fulldisclosure/2022/Dec/23
ssvc Track http://seclists.org/fulldisclosure/2022/Dec/23
cvssv3.1 6.5 http://seclists.org/fulldisclosure/2022/Dec/26
ssvc Track http://seclists.org/fulldisclosure/2022/Dec/26
cvssv3.1 6.5 http://seclists.org/fulldisclosure/2022/Dec/27
ssvc Track http://seclists.org/fulldisclosure/2022/Dec/27
cvssv3.1 6.5 http://seclists.org/fulldisclosure/2022/Dec/28
ssvc Track http://seclists.org/fulldisclosure/2022/Dec/28
cvssv3.1 6.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-46698
cvssv3.1 6.5 https://security.gentoo.org/glsa/202305-32
ssvc Track https://security.gentoo.org/glsa/202305-32
cvssv3.1 6.5 https://support.apple.com/en-us/HT213530
ssvc Track https://support.apple.com/en-us/HT213530
cvssv3.1 6.5 https://support.apple.com/en-us/HT213532
ssvc Track https://support.apple.com/en-us/HT213532
cvssv3.1 6.5 https://support.apple.com/en-us/HT213535
ssvc Track https://support.apple.com/en-us/HT213535
cvssv3.1 6.5 https://support.apple.com/en-us/HT213536
ssvc Track https://support.apple.com/en-us/HT213536
cvssv3.1 6.5 https://support.apple.com/en-us/HT213537
ssvc Track https://support.apple.com/en-us/HT213537
cvssv3.1 6.5 https://support.apple.com/en-us/HT213538
ssvc Track https://support.apple.com/en-us/HT213538
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46698.json
https://api.first.org/data/v1/epss?cve=CVE-2022-46698
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42852
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42856
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42867
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46692
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46698
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46699
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46700
http://seclists.org/fulldisclosure/2022/Dec/23
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
20 http://seclists.org/fulldisclosure/2022/Dec/20
202305-32 https://security.gentoo.org/glsa/202305-32
2156992 https://bugzilla.redhat.com/show_bug.cgi?id=2156992
26 http://seclists.org/fulldisclosure/2022/Dec/26
27 http://seclists.org/fulldisclosure/2022/Dec/27
28 http://seclists.org/fulldisclosure/2022/Dec/28
cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
CVE-2022-46698 https://nvd.nist.gov/vuln/detail/CVE-2022-46698
HT213530 https://support.apple.com/en-us/HT213530
HT213532 https://support.apple.com/en-us/HT213532
HT213535 https://support.apple.com/en-us/HT213535
HT213536 https://support.apple.com/en-us/HT213536
HT213537 https://support.apple.com/en-us/HT213537
HT213538 https://support.apple.com/en-us/HT213538
RHSA-2023:2256 https://access.redhat.com/errata/RHSA-2023:2256
RHSA-2023:2834 https://access.redhat.com/errata/RHSA-2023:2834
RHSA-2025:10364 https://access.redhat.com/errata/RHSA-2025:10364
USN-5797-1 https://usn.ubuntu.com/5797-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46698.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://seclists.org/fulldisclosure/2022/Dec/20
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:47:18Z/ Found at http://seclists.org/fulldisclosure/2022/Dec/20
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://seclists.org/fulldisclosure/2022/Dec/23
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:47:18Z/ Found at http://seclists.org/fulldisclosure/2022/Dec/23
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://seclists.org/fulldisclosure/2022/Dec/26
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:47:18Z/ Found at http://seclists.org/fulldisclosure/2022/Dec/26
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://seclists.org/fulldisclosure/2022/Dec/27
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:47:18Z/ Found at http://seclists.org/fulldisclosure/2022/Dec/27
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://seclists.org/fulldisclosure/2022/Dec/28
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:47:18Z/ Found at http://seclists.org/fulldisclosure/2022/Dec/28
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2022-46698
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://security.gentoo.org/glsa/202305-32
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:47:18Z/ Found at https://security.gentoo.org/glsa/202305-32
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/HT213530
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:47:18Z/ Found at https://support.apple.com/en-us/HT213530
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/HT213532
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:47:18Z/ Found at https://support.apple.com/en-us/HT213532
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/HT213535
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:47:18Z/ Found at https://support.apple.com/en-us/HT213535
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/HT213536
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:47:18Z/ Found at https://support.apple.com/en-us/HT213536
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/HT213537
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:47:18Z/ Found at https://support.apple.com/en-us/HT213537
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/HT213538
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T13:47:18Z/ Found at https://support.apple.com/en-us/HT213538
Exploit Prediction Scoring System (EPSS)
Percentile 0.61476
EPSS Score 0.00424
Published At Aug. 3, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:43:11.060288+00:00 Ubuntu USN Importer Import https://usn.ubuntu.com/5797-1/ 37.0.0