CVE-2022-22620

Known Exploited Vulnerability Entry External Catalog

Back to Catalog View Vulnerability
Entry Details

CVE-2022-22620

Confirmed

Yes

2022-02-11 00:00 UTC

Timestamps

2022-02-11

2022-02-11

Scope

KEV entry: Apple iOS, iPadOS, and macOS Webkit Use-After-Free Vulnerability | Affected: Apple / iOS, iPadOS, and macOS | Description: Apple iOS, iPadOS, and macOS WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing. | Required action: Apply updates per vendor instructions. | Due date: 2022-02-25 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://nvd.nist.gov/vuln/detail/CVE-2022-22620

References
  • {'id': 'CVE-2022-22620', 'url': 'https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2022-22620'}

41b2595e-27b5-48b4-bdb8-33573d5ee699

405284c2-e461-4670-8979-7fd2c9755a60

2026-02-02 13:25 UTC

2026-02-06 07:53 UTC

Evidence (1)
Type Source Signal Confidence Details GCVE Metadata
vendor_report cisa-kev successful_exploitation 0.80
View details 
{
  "cwes": [
    "CWE-416"
  ],
  "date_added": "2022-02-11",
  "due_date": "2022-02-25",
  "feed": "CISA Known Exploited Vulnerabilities Catalog",
  "knownRansomwareCampaignUse": "Unknown",
  "product": "iOS, iPadOS, and macOS",
  "vendorProject": "Apple",
  "vulnerabilityName": "Apple iOS, iPadOS, and macOS Webkit Use-After-Free Vulnerability"
}
 -
Export Options
JSON Object JSON API View Full Catalog