diff --git a/2022/22xxx/CVE-2022-22629.json b/2022/22xxx/CVE-2022-22629.json index 5a2cd726bbd..cf2c428dbe4 100644 --- a/2022/22xxx/CVE-2022-22629.json +++ b/2022/22xxx/CVE-2022-22629.json @@ -4,14 +4,150 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-22629", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "Safari", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "15.4" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "15.4" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.3" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "15.4" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "8.5" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.12" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.12" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Processing maliciously crafted web content may lead to arbitrary code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213182", + "name": "https://support.apple.com/en-us/HT213182" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213193", + "name": "https://support.apple.com/en-us/HT213193" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213183", + "name": "https://support.apple.com/en-us/HT213183" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213186", + "name": "https://support.apple.com/en-us/HT213186" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213188", + "name": "https://support.apple.com/en-us/HT213188" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213187", + "name": "https://support.apple.com/en-us/HT213187" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iTunes 12.12.3 for Windows, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution." } ] } diff --git a/2022/32xxx/CVE-2022-32814.json b/2022/32xxx/CVE-2022-32814.json index 23d3082d23a..190d963baa1 100644 --- a/2022/32xxx/CVE-2022-32814.json +++ b/2022/32xxx/CVE-2022-32814.json @@ -4,14 +4,129 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-32814", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "product-security@apple.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Apple", + "product": { + "product_data": [ + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.5" + } + ] + } + }, + { + "product_name": "macOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "12.5" + } + ] + } + }, + { + "product_name": "tvOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "15.6" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "8.7" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "8.7" + } + ] + } + }, + { + "product_name": "watchOS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "15.6" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "An app may be able to execute arbitrary code with kernel privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213345", + "name": "https://support.apple.com/en-us/HT213345" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213340", + "name": "https://support.apple.com/en-us/HT213340" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213342", + "name": "https://support.apple.com/en-us/HT213342" + }, + { + "refsource": "MISC", + "url": "https://support.apple.com/en-us/HT213346", + "name": "https://support.apple.com/en-us/HT213346" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges." } ] } diff --git a/2022/3xxx/CVE-2022-3292.json b/2022/3xxx/CVE-2022-3292.json new file mode 100644 index 00000000000..b9c03470cf5 --- /dev/null +++ b/2022/3xxx/CVE-2022-3292.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-3292", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/40xxx/CVE-2022-40665.json b/2022/40xxx/CVE-2022-40665.json index 1db6216e4f3..ec58c2a6572 100644 --- a/2022/40xxx/CVE-2022-40665.json +++ b/2022/40xxx/CVE-2022-40665.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2022-40665", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none." } ] } diff --git a/2022/40xxx/CVE-2022-40666.json b/2022/40xxx/CVE-2022-40666.json index d83ae53f329..3dc21d1398e 100644 --- a/2022/40xxx/CVE-2022-40666.json +++ b/2022/40xxx/CVE-2022-40666.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2022-40666", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none." } ] } diff --git a/2022/40xxx/CVE-2022-40667.json b/2022/40xxx/CVE-2022-40667.json index 585c9648349..a935466f22b 100644 --- a/2022/40xxx/CVE-2022-40667.json +++ b/2022/40xxx/CVE-2022-40667.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2022-40667", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none." } ] } diff --git a/2022/40xxx/CVE-2022-40668.json b/2022/40xxx/CVE-2022-40668.json index 8dcea5eed70..9a83d837486 100644 --- a/2022/40xxx/CVE-2022-40668.json +++ b/2022/40xxx/CVE-2022-40668.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2022-40668", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none." } ] } diff --git a/2022/40xxx/CVE-2022-40669.json b/2022/40xxx/CVE-2022-40669.json index 97e9cdc67ac..7a33d19b5d5 100644 --- a/2022/40xxx/CVE-2022-40669.json +++ b/2022/40xxx/CVE-2022-40669.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2022-40669", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none." } ] }