A type confusion issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2. Processing a maliciously crafted package may lead to arbitrary code execution.

Related CVEs

CVE-2022-42841

Key Information

GHSA ID

GHSA-qhqr-ffv4-wv7f

Published

December 15, 2022 9:30 PM

Last Modified

December 19, 2022 9:30 PM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: July 27, 2025 6:35 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.