CVE-2022-32786
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
23/09/2022
Last modified:
22/05/2025
Description
An issue in the handling of environment variables was addressed with improved validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to modify protected parts of the file system.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* | 10.15.7 (excluding) | |
| cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* | 11.0 (including) | 11.6.8 (excluding) |
| cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* | 12.0 (including) | 12.5 (excluding) |
To consult the complete list of CPE names with products and versions, see this page