I'm not sure what the lag is, but from what I've seen all Apple CVE's are made public at some point. The last one I got before this bunch (from security-annouce@lists.apple.com) was a month ago (relating to iOS and iPadOS 16.1.1 addressing a libxml2 integer overflow - CVE-2022-40303). If you look up that CVE at mitre.org, it's no longer marked as "RESERVED".
I'm not sure what the lag is, but from what I've seen all Apple CVE's are made public at some point. The last one I got before this bunch (from security-annouce@lists.apple.com) was a month ago (relating to iOS and iPadOS 16.1.1 addressing a libxml2 integer overflow - CVE-2022-40303). If you look up that CVE at mitre.org, it's no longer marked as "RESERVED".