CVE-2022-42798

{"id": "CVE-2022-42798", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2022-11-01T20:15:22.847", "references": [{"url": "https://support.apple.com/en-us/HT213488", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT213489", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT213490", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT213491", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT213492", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT213493", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT213494", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. Parsing a maliciously crafted audio file may lead to disclosure of user information."}, {"lang": "es", "value": "El problema se solucion\u00f3 mejorando el manejo de la memoria. Este problema se solucion\u00f3 en tvOS 16.1, iOS 15.7.1 y iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 y iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. El an\u00e1lisis de un archivo de audio creado con fines malintencionados puede dar lugar a la divulgaci\u00f3n de informaci\u00f3n del usuario."}], "lastModified": "2022-11-03T03:52:43.690", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46D91788-9173-4FA2-A956-18286461B859", "versionEndExcluding": "15.7.1"}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C42DEF1-164C-42F0-932E-A6B2F4CD8557", "versionEndExcluding": "15.7.1"}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D832A844-E337-4151-83EF-FAEF32377223", "versionEndExcluding": "11.7.1", "versionStartIncluding": "11.0"}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0DAECB4D-F46A-4E96-99DE-769E397C77E4", "versionEndExcluding": "12.6.1", "versionStartIncluding": "12.0"}, {"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3B857D6-19FE-4535-9BA2-6BD54B9BB6F5", "versionEndExcluding": "16.1"}, {"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32BABE0E-193A-4A4D-96E9-84BB48649C9A", "versionEndExcluding": "9.1"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@apple.com"}