{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2022-48503","assignerOrgId":"286789f9-fbc2-4510-9f9a-43facdede74c","state":"PUBLISHED","assignerShortName":"apple","dateReserved":"2023-06-12T20:53:52.872Z","datePublished":"2023-08-14T22:40:49.354Z","dateUpdated":"2025-10-21T23:05:41.290Z"},"containers":{"cna":{"problemTypes":[{"descriptions":[{"lang":"en","description":"Processing web content may lead to arbitrary code execution"}]}],"affected":[{"vendor":"Apple","product":"macOS","versions":[{"version":"unspecified","status":"affected","lessThan":"12.5","versionType":"custom"}]},{"vendor":"Apple","product":"tvOS","versions":[{"version":"unspecified","status":"affected","lessThan":"15.6","versionType":"custom"}]},{"vendor":"Apple","product":"Safari","versions":[{"version":"unspecified","status":"affected","lessThan":"15.6","versionType":"custom"}]},{"vendor":"Apple","product":"watchOS","versions":[{"version":"unspecified","status":"affected","lessThan":"8.7","versionType":"custom"}]},{"vendor":"Apple","product":"iOS and iPadOS","versions":[{"version":"unspecified","status":"affected","lessThan":"15.6","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"The issue was addressed with improved bounds checks. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing web content may lead to arbitrary code execution."}],"references":[{"url":"https://support.apple.com/en-us/HT213345"},{"url":"https://support.apple.com/en-us/HT213342"},{"url":"https://support.apple.com/en-us/HT213341"},{"url":"https://support.apple.com/en-us/HT213340"},{"url":"https://support.apple.com/en-us/HT213346"}],"providerMetadata":{"orgId":"286789f9-fbc2-4510-9f9a-43facdede74c","shortName":"apple","dateUpdated":"2023-08-14T22:40:49.354Z"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T15:17:54.662Z"},"title":"CVE Program Container","references":[{"url":"https://support.apple.com/en-us/HT213345","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT213342","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT213341","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT213340","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT213346","tags":["x_transferred"]}]},{"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":8.8,"attackVector":"NETWORK","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"REQUIRED","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"id":"CVE-2022-48503","role":"CISA Coordinator","options":[{"Exploitation":"active"},{"Automatable":"no"},{"Technical Impact":"total"}],"version":"2.0.3","timestamp":"2025-10-20T14:53:48.228137Z"}}},{"other":{"type":"kev","content":{"dateAdded":"2025-10-20","reference":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-48503"}}}],"references":[{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-48503","tags":["government-resource"]}],"problemTypes":[{"descriptions":[{"lang":"en","type":"CWE","cweId":"CWE-129","description":"CWE-129 Improper Validation of Array Index"}]}],"timeline":[{"time":"2025-10-20T00:00:00.000Z","lang":"en","value":"CVE-2022-48503 added to CISA KEV"}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-10-21T23:05:41.290Z"}}]}}