CVE-2022-22594

MEDIUM6.5EPSS 0.21%

Published: 3/18/2022Modified: 4/28/2026

Description

A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. A website may be able to track sensitive user information.

Affected packages (2)

Debian/webkit2gtkfrom 0, < 2.34.4-1~deb11u1
Debian/wpewebkitfrom 0, < 2.34.4-1~deb11u1

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM6.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2022-22594