Search for vulnerabilities
Vulnerability details: VCID-x5d9-z4z2-k3dd
Vulnerability ID VCID-x5d9-z4z2-k3dd
Aliases CVE-2022-22637
Summary A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4 and iPadOS 15.4, tvOS 15.4. A malicious website may cause unexpected cross-origin behavior.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
cvssv3 8.8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22637.json
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00111 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00111 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00111 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00111 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
epss 0.00111 https://api.first.org/data/v1/epss?cve=CVE-2022-22637
cvssv3.1 6.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-22637
archlinux High https://security.archlinux.org/AVG-2703
cvssv3.1 8.8 https://support.apple.com/en-us/HT213182
ssvc Track https://support.apple.com/en-us/HT213182
cvssv3.1 8.8 https://support.apple.com/en-us/HT213183
ssvc Track https://support.apple.com/en-us/HT213183
cvssv3.1 8.8 https://support.apple.com/en-us/HT213186
ssvc Track https://support.apple.com/en-us/HT213186
cvssv3.1 8.8 https://support.apple.com/en-us/HT213187
ssvc Track https://support.apple.com/en-us/HT213187
cvssv3.1 8.8 https://support.apple.com/en-us/HT213193
ssvc Track https://support.apple.com/en-us/HT213193
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22637.json
https://api.first.org/data/v1/epss?cve=CVE-2022-22637
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30934
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30936
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30951
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30952
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30953
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30954
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30984
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22594
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22637
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://support.apple.com/en-us/HT213183
2073903 https://bugzilla.redhat.com/show_bug.cgi?id=2073903
AVG-2703 https://security.archlinux.org/AVG-2703
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
CVE-2022-22637 https://nvd.nist.gov/vuln/detail/CVE-2022-22637
HT213182 https://support.apple.com/en-us/HT213182
HT213186 https://support.apple.com/en-us/HT213186
HT213187 https://support.apple.com/en-us/HT213187
HT213193 https://support.apple.com/en-us/HT213193
RHSA-2022:1777 https://access.redhat.com/errata/RHSA-2022:1777
RHSA-2025:10364 https://access.redhat.com/errata/RHSA-2025:10364
USN-5394-1 https://usn.ubuntu.com/5394-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22637.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-22637
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT213182
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-22T15:51:39Z/ Found at https://support.apple.com/en-us/HT213182
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT213183
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-22T15:51:39Z/ Found at https://support.apple.com/en-us/HT213183
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT213186
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-22T15:51:39Z/ Found at https://support.apple.com/en-us/HT213186
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT213187
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-22T15:51:39Z/ Found at https://support.apple.com/en-us/HT213187
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT213193
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-22T15:51:39Z/ Found at https://support.apple.com/en-us/HT213193
Exploit Prediction Scoring System (EPSS)
Percentile 0.29819
EPSS Score 0.00108
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:36:59.602407+00:00 Alpine Linux Importer Import https://secdb.alpinelinux.org/v3.18/community.json 37.0.0