UBUNTU-CVE-2022-22594

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2022-22594
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-22594.json
JSON Data
https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2022-22594
Upstream
Published
2022-03-18T18:15:00Z
Modified
2025-07-16T08:27:43.746450Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVSS Calculator
  • Ubuntu - medium
Summary
[none]
Details

A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. A website may be able to track sensitive user information.

References

Affected packages

Ubuntu:Pro:16.04:LTS / qtwebkit-opensource-src

Package

Name
qtwebkit-opensource-src
Purl
pkg:deb/ubuntu/qtwebkit-opensource-src@5.5.1+dfsg-2ubuntu1?arch=source&distro=esm-infra/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.4.2+dfsg-1ubuntu2.1
5.5.1+dfsg-2ubuntu1

Ubuntu:Pro:16.04:LTS / webkit2gtk

Package

Name
webkit2gtk
Purl
pkg:deb/ubuntu/webkit2gtk@2.20.5-0ubuntu0.16.04.1?arch=source&distro=esm-infra/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.8.5+dfsg1-3
2.10.3+dfsg1-1
2.10.4+dfsg1-1
2.10.5-1
2.10.6-1
2.10.6-1ubuntu1
2.10.8-1ubuntu1
2.10.9-1ubuntu1
2.12.5-0ubuntu0.16.04.1
2.14.2-0ubuntu0.16.04.1
2.14.3-0ubuntu0.16.04.1
2.14.5-0ubuntu0.16.04.1
2.16.1-0ubuntu0.16.04.1
2.16.1-0ubuntu0.16.04.2
2.16.2-0ubuntu0.16.04.1
2.16.3-0ubuntu0.16.04.1
2.16.6-0ubuntu0.16.04.1
2.18.0-0ubuntu0.16.04.2
2.18.3-0ubuntu0.16.04.1
2.18.4-0ubuntu0.16.04.1
2.18.5-0ubuntu0.16.04.1
2.18.6-0ubuntu0.16.04.1
2.20.1-0ubuntu0.16.04.1
2.20.2-0ubuntu0.16.04.1
2.20.3-0ubuntu0.16.04.1
2.20.5-0ubuntu0.16.04.1

Ubuntu:Pro:16.04:LTS / qtwebkit-source

Package

Name
qtwebkit-source
Purl
pkg:deb/ubuntu/qtwebkit-source@2.3.2-0ubuntu11?arch=source&distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.3.2-0ubuntu10
2.3.2-0ubuntu11

Ubuntu:Pro:16.04:LTS / webkitgtk

Package

Name
webkitgtk
Purl
pkg:deb/ubuntu/webkitgtk@2.4.11-0ubuntu0.1?arch=source&distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.4.9-2ubuntu2
2.4.10-0ubuntu1
2.4.11-0ubuntu0.1

Ubuntu:Pro:18.04:LTS / webkit2gtk

Package

Name
webkit2gtk
Purl
pkg:deb/ubuntu/webkit2gtk@2.32.4-0ubuntu0.18.04.1?arch=source&distro=esm-infra/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.18.0-2
2.18.0-2build1
2.18.2-1
2.18.3-1
2.18.4-1
2.18.6-1
2.19.91-1ubuntu1
2.19.92-1
2.20.0-1
2.20.0-2
2.20.0-2ubuntu1
2.20.1-1
2.20.2-0ubuntu0.18.04.1
2.20.3-0ubuntu0.18.04.1
2.20.5-0ubuntu0.18.04.1
2.22.2-0ubuntu0.18.04.1
2.22.2-0ubuntu0.18.04.2
2.22.4-0ubuntu0.18.04.1
2.22.5-0ubuntu0.18.04.1
2.22.6-0ubuntu0.18.04.1
2.24.1-0ubuntu0.18.04.1
2.24.2-0ubuntu0.18.04.1
2.24.4-0ubuntu0.18.04.1
2.26.1-0ubuntu0.18.04.1
2.26.2-0ubuntu0.18.04.1
2.26.3-0ubuntu0.18.04.1
2.26.4-0ubuntu0.18.04.1
2.28.0-0ubuntu0.18.04.3
2.28.1-0ubuntu0.18.04.1
2.28.2-0ubuntu0.18.04.1
2.28.3-0ubuntu0.18.04.1
2.28.4-0ubuntu0.18.04.1
2.30.3-0ubuntu0.18.04.1
2.30.5-0ubuntu0.18.04.1
2.30.6-0ubuntu0.18.04.1
2.32.0-0ubuntu0.18.04.1
2.32.3-0ubuntu0.18.04.1
2.32.4-0ubuntu0.18.04.1

Ubuntu:Pro:18.04:LTS / qtwebkit-opensource-src

Package

Name
qtwebkit-opensource-src
Purl
pkg:deb/ubuntu/qtwebkit-opensource-src@5.212.0~alpha2-7ubuntu1?arch=source&distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.9.1+dfsg-5ubuntu1
5.9.1+dfsg-5ubuntu3
5.212.0~alpha2-5build2
5.212.0~alpha2-5build4
5.212.0~alpha2-7
5.212.0~alpha2-7build2
5.212.0~alpha2-7ubuntu1

Ubuntu:Pro:18.04:LTS / qtwebkit-source

Package

Name
qtwebkit-source
Purl
pkg:deb/ubuntu/qtwebkit-source@2.3.2-0ubuntu13?arch=source&distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.3.2-0ubuntu13

Ubuntu:Pro:18.04:LTS / webkitgtk

Package

Name
webkitgtk
Purl
pkg:deb/ubuntu/webkitgtk@2.4.11-3ubuntu3?arch=source&distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.4.11-3
2.4.11-3ubuntu2
2.4.11-3ubuntu3

Ubuntu:20.04:LTS / webkit2gtk

Package

Name
webkit2gtk
Purl
pkg:deb/ubuntu/webkit2gtk@2.34.4-0ubuntu0.20.04.1?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.34.4-0ubuntu0.20.04.1

Affected versions

2.*

2.26.1-3
2.26.2-1
2.26.3-1ubuntu2
2.26.4-1ubuntu1
2.28.0-1ubuntu2
2.28.1-1
2.28.2-0ubuntu0.20.04.1
2.28.3-0ubuntu0.20.04.1
2.28.4-0ubuntu0.20.04.1
2.30.3-0ubuntu0.20.04.1
2.30.5-0ubuntu0.20.04.1
2.30.6-0ubuntu0.20.04.1
2.32.0-0ubuntu0.20.04.1
2.32.3-0ubuntu0.20.04.1
2.32.4-0ubuntu0.20.04.1
2.34.1-0ubuntu0.20.04.1
2.34.3-0ubuntu0.20.04.1

Ecosystem specific 

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "2.34.4-0ubuntu0.20.04.1",
            "binary_name": "gir1.2-javascriptcoregtk-4.0"
        },
        {
            "binary_version": "2.34.4-0ubuntu0.20.04.1",
            "binary_name": "gir1.2-webkit2-4.0"
        },
        {
            "binary_version": "2.34.4-0ubuntu0.20.04.1",
            "binary_name": "libjavascriptcoregtk-4.0-18"
        },
        {
            "binary_version": "2.34.4-0ubuntu0.20.04.1",
            "binary_name": "libjavascriptcoregtk-4.0-18-dbgsym"
        },
        {
            "binary_version": "2.34.4-0ubuntu0.20.04.1",
            "binary_name": "libjavascriptcoregtk-4.0-bin"
        },
        {
            "binary_version": "2.34.4-0ubuntu0.20.04.1",
            "binary_name": "libjavascriptcoregtk-4.0-bin-dbgsym"
        },
        {
            "binary_version": "2.34.4-0ubuntu0.20.04.1",
            "binary_name": "libjavascriptcoregtk-4.0-dev"
        },
        {
            "binary_version": "2.34.4-0ubuntu0.20.04.1",
            "binary_name": "libwebkit2gtk-4.0-37"
        },
        {
            "binary_version": "2.34.4-0ubuntu0.20.04.1",
            "binary_name": "libwebkit2gtk-4.0-37-dbgsym"
        },
        {
            "binary_version": "2.34.4-0ubuntu0.20.04.1",
            "binary_name": "libwebkit2gtk-4.0-37-gtk2"
        },
        {
            "binary_version": "2.34.4-0ubuntu0.20.04.1",
            "binary_name": "libwebkit2gtk-4.0-dev"
        },
        {
            "binary_version": "2.34.4-0ubuntu0.20.04.1",
            "binary_name": "libwebkit2gtk-4.0-doc"
        },
        {
            "binary_version": "2.34.4-0ubuntu0.20.04.1",
            "binary_name": "webkit2gtk-driver"
        },
        {
            "binary_version": "2.34.4-0ubuntu0.20.04.1",
            "binary_name": "webkit2gtk-driver-dbgsym"
        }
    ]
}

Ubuntu:Pro:20.04:LTS / qtwebkit-opensource-src

Package

Name
qtwebkit-opensource-src
Purl
pkg:deb/ubuntu/qtwebkit-opensource-src@5.212.0~alpha4-1ubuntu2.1?arch=source&distro=esm-apps/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.212.0~alpha3-3
5.212.0~alpha3-5
5.212.0~alpha3-6
5.212.0~alpha3-7
5.212.0~alpha4-1
5.212.0~alpha4-1ubuntu1
5.212.0~alpha4-1ubuntu2
5.212.0~alpha4-1ubuntu2.1

Ubuntu:Pro:20.04:LTS / wpewebkit

Package

Name
wpewebkit
Purl
pkg:deb/ubuntu/wpewebkit@2.28.1-1?arch=source&distro=esm-apps/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.26.3-1
2.26.4-1
2.26.4-1build1
2.28.0-1
2.28.1-1

Ubuntu:22.04:LTS / qtwebkit-opensource-src

Package

Name
qtwebkit-opensource-src
Purl
pkg:deb/ubuntu/qtwebkit-opensource-src@5.212.0~alpha4-15ubuntu1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.212.0~alpha4-12
5.212.0~alpha4-13
5.212.0~alpha4-14
5.212.0~alpha4-14build1
5.212.0~alpha4-14ubuntu2
5.212.0~alpha4-15ubuntu1

Ubuntu:22.04:LTS / wpewebkit

Package

Name
wpewebkit
Purl
pkg:deb/ubuntu/wpewebkit@2.36.0-2ubuntu3?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.32.4-1
2.34.1-1
2.34.2-1
2.34.3-1
2.34.4-1
2.34.5-1
2.34.6-1
2.36.0-2ubuntu2
2.36.0-2ubuntu3

Ubuntu:24.04:LTS / qtwebkit-opensource-src

Package

Name
qtwebkit-opensource-src
Purl
pkg:deb/ubuntu/qtwebkit-opensource-src@5.212.0~alpha4-36?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.212.0~alpha4-33
5.212.0~alpha4-33build1
5.212.0~alpha4-34
5.212.0~alpha4-34ubuntu3
5.212.0~alpha4-34ubuntu4
5.212.0~alpha4-36