Search for vulnerabilities
Vulnerability details: VCID-y6eh-ke2e-aaaa
Vulnerability ID VCID-y6eh-ke2e-aaaa
Aliases CVE-2022-48503
Summary The issue was addressed with improved bounds checks. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing web content may lead to arbitrary code execution.
Status Published
Exploitability 0.5
Weighted Severity 7.9
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-94 Improper Control of Generation of Code ('Code Injection')
System Score Found at
cvssv3 8.8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48503.json
epss 0.00209 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00211 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00211 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00211 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00211 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00225 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00225 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00225 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00225 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00225 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00225 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00225 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00225 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00225 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00225 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00225 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00273 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00324 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00333 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00333 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.00333 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
epss 0.01345 https://api.first.org/data/v1/epss?cve=CVE-2022-48503
cvssv3.1 8.8 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-48503
cvssv3.1 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-48503
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48503.json
https://api.first.org/data/v1/epss?cve=CVE-2022-48503
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32886
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32888
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32923
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32933
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42863
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48503
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25358
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25360
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25361
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25362
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25363
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42833
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://support.apple.com/en-us/HT213340
https://support.apple.com/en-us/HT213341
https://support.apple.com/en-us/HT213342
https://support.apple.com/en-us/HT213345
https://support.apple.com/en-us/HT213346
2218623 https://bugzilla.redhat.com/show_bug.cgi?id=2218623
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
CVE-2022-48503 https://nvd.nist.gov/vuln/detail/CVE-2022-48503
RHSA-2023:2256 https://access.redhat.com/errata/RHSA-2023:2256
RHSA-2023:2834 https://access.redhat.com/errata/RHSA-2023:2834
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48503.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-48503
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-48503
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.59281
EPSS Score 0.00209
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.