cvedb.io
CVE-2022-22585
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2022-03-18T18:15:12.400 · Last modified 2026-06-17T04:28:38.100

Summary

An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, macOS Monterey 12.2, macOS Big Sur 11.6.3. An application may be able to access a user's files.

Affected products

apple — ipados

Does this affect you?

Add your gear to cvedb and we'll alert you only when apple ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.