===================================================================                                 CERT-Renater

                      Note d'Information No. 2022/VULN255

_____________________________________________________________________

DATE                : 22/07/2022

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Safari on macOS Big Sur et Catalina

====================================================================https://support.apple.com/fr-fr/HT213341
_____________________________________________________________________


Released July 20, 2022


Safari Extensions

Available for: macOS Big Sur and macOS Catalina

Impact: Visiting a maliciously crafted website may leak sensitive data
Description: The issue was addressed with improved UI handling.

CVE-2022-32784: Young Min Kim of CompSec Lab at Seoul National University

We
bKit

Available for: macOS Big Sur and macOS Catalina

Impact: Processing maliciously crafted web content may lead to arbitrary
code execution

Description: An out-of-bounds write issue was addressed with improved
input validation.

WebKit Bugzilla: 240720
CVE-2022-32792: Manfred Paul (@_manfp) working with Trend Micro Zero Day
Initiative


WebRTC

Available for: macOS Big Sur and macOS Catalina

Impact: Processing maliciously crafted web content may lead to arbitrary
code execution.

Description: A memory corruption issue was addressed with improved state
management.

WebKit Bugzilla: 242339
CVE-2022-2294: Jan Vojtesek of Avast Threat Intelligence team


========================================================+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=======================================================


--------------2HTFxehzd5i0yWycHhy6VbTj--