vulnerability

OS X update for WebKit Storage (CVE-2022-22594)

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:N/A:N)

Published

Feb 18, 2022

Added

Feb 18, 2022

Modified

Mar 27, 2026

Description

A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. A website may be able to track sensitive user information.

Solution

apple-osx-upgrade-12_2

References

CVE-2022-22594
https://attackerkb.com/topics/CVE-2022-22594
CWE-346
EUVD-EUVD-2022-27739
https://euvd.enisa.europa.eu/vulnerability/EUVD-2022-27739
https://support.apple.com/kb/HT213054

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report