Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2021-AVI-398
Vulnerability from certfr_avis - Published: 2021-05-25 - Updated: 2021-05-25
De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | Safari | Safari versions antérieures à 14.1.1 | ||
| Apple | macOS | macOS Big Sur versions antérieures à 11.4 | ||
| Apple | macOS | macOS Catalina versions sans la mise à jour 2021-003 | ||
| Apple | N/A | iPadOS versions antérieures à 14.6 | ||
| Apple | N/A | tvOS versions antérieures à 14.6 | ||
| Apple | N/A | watchOS versions antérieures à 7.5 | ||
| Apple | macOS | macOS Mojave versions sans la mise à jour 2021-004 | ||
| Apple | N/A | iOS versions antérieures à 14.6 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Safari versions ant\u00e9rieures \u00e0 14.1.1",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Big Sur versions ant\u00e9rieures \u00e0 11.4",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Catalina versions sans la mise \u00e0 jour 2021-003",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 14.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "tvOS versions ant\u00e9rieures \u00e0 14.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "watchOS versions ant\u00e9rieures \u00e0 7.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Mojave versions sans la mise \u00e0 jour 2021-004",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions ant\u00e9rieures \u00e0 14.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-30678",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30678"
},
{
"name": "CVE-2021-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30715"
},
{
"name": "CVE-2021-30724",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30724"
},
{
"name": "CVE-2021-30668",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30668"
},
{
"name": "CVE-2020-36230",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36230"
},
{
"name": "CVE-2021-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30681"
},
{
"name": "CVE-2020-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36221"
},
{
"name": "CVE-2021-30667",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30667"
},
{
"name": "CVE-2021-30722",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30722"
},
{
"name": "CVE-2021-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30684"
},
{
"name": "CVE-2021-30737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30737"
},
{
"name": "CVE-2021-30708",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30708"
},
{
"name": "CVE-2020-36225",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36225"
},
{
"name": "CVE-2021-30701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30701"
},
{
"name": "CVE-2021-30743",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30743"
},
{
"name": "CVE-2021-30726",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30726"
},
{
"name": "CVE-2021-30676",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30676"
},
{
"name": "CVE-2021-30671",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30671"
},
{
"name": "CVE-2020-36224",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36224"
},
{
"name": "CVE-2021-30692",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30692"
},
{
"name": "CVE-2021-30677",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30677"
},
{
"name": "CVE-2021-30714",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30714"
},
{
"name": "CVE-2021-30702",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30702"
},
{
"name": "CVE-2021-30727",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30727"
},
{
"name": "CVE-2021-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21779"
},
{
"name": "CVE-2021-1884",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1884"
},
{
"name": "CVE-2020-36228",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36228"
},
{
"name": "CVE-2020-36227",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36227"
},
{
"name": "CVE-2021-30723",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30723"
},
{
"name": "CVE-2021-30729",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30729"
},
{
"name": "CVE-2021-30719",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30719"
},
{
"name": "CVE-2021-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30696"
},
{
"name": "CVE-2021-30712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30712"
},
{
"name": "CVE-2021-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30688"
},
{
"name": "CVE-2021-30739",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30739"
},
{
"name": "CVE-2021-30680",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30680"
},
{
"name": "CVE-2021-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30689"
},
{
"name": "CVE-2021-30746",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30746"
},
{
"name": "CVE-2021-30744",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30744"
},
{
"name": "CVE-2020-36223",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36223"
},
{
"name": "CVE-2021-30669",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30669"
},
{
"name": "CVE-2021-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30699"
},
{
"name": "CVE-2021-30728",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30728"
},
{
"name": "CVE-2021-30736",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30736"
},
{
"name": "CVE-2020-36229",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36229"
},
{
"name": "CVE-2021-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30695"
},
{
"name": "CVE-2021-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30705"
},
{
"name": "CVE-2021-30663",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30663"
},
{
"name": "CVE-2021-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30683"
},
{
"name": "CVE-2021-30691",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30691"
},
{
"name": "CVE-2021-30725",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30725"
},
{
"name": "CVE-2021-30665",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30665"
},
{
"name": "CVE-2021-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30721"
},
{
"name": "CVE-2021-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30693"
},
{
"name": "CVE-2021-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30682"
},
{
"name": "CVE-2021-30674",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30674"
},
{
"name": "CVE-2021-30694",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30694"
},
{
"name": "CVE-2021-1883",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1883"
},
{
"name": "CVE-2021-30673",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30673"
},
{
"name": "CVE-2021-30718",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30718"
},
{
"name": "CVE-2021-30713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30713"
},
{
"name": "CVE-2021-30717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30717"
},
{
"name": "CVE-2020-36226",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36226"
},
{
"name": "CVE-2021-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30687"
},
{
"name": "CVE-2020-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36222"
},
{
"name": "CVE-2021-30709",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30709"
},
{
"name": "CVE-2021-30690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30690"
},
{
"name": "CVE-2021-30686",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30686"
},
{
"name": "CVE-2021-30716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30716"
},
{
"name": "CVE-2021-30735",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30735"
},
{
"name": "CVE-2021-30679",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30679"
},
{
"name": "CVE-2021-30734",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30734"
},
{
"name": "CVE-2021-30697",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30697"
},
{
"name": "CVE-2021-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30698"
},
{
"name": "CVE-2021-30720",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30720"
},
{
"name": "CVE-2021-30740",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30740"
},
{
"name": "CVE-2021-23841",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23841"
},
{
"name": "CVE-2021-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30685"
},
{
"name": "CVE-2021-30738",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30738"
},
{
"name": "CVE-2021-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30749"
},
{
"name": "CVE-2021-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30704"
},
{
"name": "CVE-2021-30741",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30741"
},
{
"name": "CVE-2021-30707",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30707"
},
{
"name": "CVE-2021-30710",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30710"
},
{
"name": "CVE-2021-30700",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30700"
}
],
"initial_release_date": "2021-05-25T00:00:00",
"last_revision_date": "2021-05-25T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-398",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-05-25T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire, un d\u00e9ni de service et un contournement de\nla politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212534 du 24 mai 2021",
"url": "https://support.apple.com/en-us/HT212534"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212528 du 24 mai 2021",
"url": "https://support.apple.com/en-us/HT212528"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212531 du 24 mai 2021",
"url": "https://support.apple.com/en-us/HT212531"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212533 du 24 mai 2021",
"url": "https://support.apple.com/en-us/HT212533"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212530 du 24 mai 2021",
"url": "https://support.apple.com/en-us/HT212530"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212529 du 24 mai 2021",
"url": "https://support.apple.com/en-us/HT212529"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212532 du 24 mai 2021",
"url": "https://support.apple.com/en-us/HT212532"
}
]
}
CVE-2021-30684 (GCVE-0-2021-30684)
Vulnerability from cvelistv5 – Published: 2021-09-08 14:30 – Updated: 2024-08-03 22:40
VLAI
EPSS
Summary
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. A remote attacker may cause an unexpected application termination or arbitrary code execution.
Severity
No CVSS data available.
CWE
- A remote attacker may cause an unexpected application termination or arbitrary code execution
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://support.apple.com/en-us/HT212529 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212530 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:40:31.995Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212529"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212530"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2021",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. A remote attacker may cause an unexpected application termination or arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A remote attacker may cause an unexpected application termination or arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-08T14:30:39.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212529"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212530"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2021-30684",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "11.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2021"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. A remote attacker may cause an unexpected application termination or arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote attacker may cause an unexpected application termination or arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT212529",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212529"
},
{
"name": "https://support.apple.com/en-us/HT212530",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212530"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2021-30684",
"datePublished": "2021-09-08T14:30:39.000Z",
"dateReserved": "2021-04-13T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:40:31.995Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-30685 (GCVE-0-2021-30685)
Vulnerability from cvelistv5 – Published: 2021-09-08 14:30 – Updated: 2024-08-03 22:40
VLAI
EPSS
Summary
This issue was addressed with improved checks. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Parsing a maliciously crafted audio file may lead to disclosure of user information.
Severity
No CVSS data available.
CWE
- Parsing a maliciously crafted audio file may lead to disclosure of user information
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://support.apple.com/en-us/HT212528 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212529 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212532 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212533 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212530 | x_refsource_MISC |
Impacted products
5 products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:40:31.893Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212528"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212529"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212532"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212533"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212530"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2021",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "7.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved checks. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Parsing a maliciously crafted audio file may lead to disclosure of user information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Parsing a maliciously crafted audio file may lead to disclosure of user information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-08T14:30:23.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212528"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212529"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212532"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212533"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212530"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2021-30685",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "14.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "11.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2021"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "14.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "7.5"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue was addressed with improved checks. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Parsing a maliciously crafted audio file may lead to disclosure of user information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Parsing a maliciously crafted audio file may lead to disclosure of user information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT212528",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212528"
},
{
"name": "https://support.apple.com/en-us/HT212529",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212529"
},
{
"name": "https://support.apple.com/en-us/HT212532",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212532"
},
{
"name": "https://support.apple.com/en-us/HT212533",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212533"
},
{
"name": "https://support.apple.com/en-us/HT212530",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212530"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2021-30685",
"datePublished": "2021-09-08T14:30:23.000Z",
"dateReserved": "2021-04-13T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:40:31.893Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-30686 (GCVE-0-2021-30686)
Vulnerability from cvelistv5 – Published: 2021-09-08 14:26 – Updated: 2024-08-03 22:40
VLAI
EPSS
Summary
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted audio file may disclose restricted memory.
Severity
No CVSS data available.
CWE
- Processing a maliciously crafted audio file may disclose restricted memory
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://support.apple.com/en-us/HT212528 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212529 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212532 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212533 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212530 | x_refsource_MISC |
Impacted products
5 products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:40:31.761Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212528"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212529"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212532"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212533"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212530"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2021",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "7.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted audio file may disclose restricted memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted audio file may disclose restricted memory",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-08T14:26:46.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212528"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212529"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212532"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212533"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212530"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2021-30686",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "14.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "11.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2021"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "14.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "7.5"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted audio file may disclose restricted memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted audio file may disclose restricted memory"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT212528",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212528"
},
{
"name": "https://support.apple.com/en-us/HT212529",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212529"
},
{
"name": "https://support.apple.com/en-us/HT212532",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212532"
},
{
"name": "https://support.apple.com/en-us/HT212533",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212533"
},
{
"name": "https://support.apple.com/en-us/HT212530",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212530"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2021-30686",
"datePublished": "2021-09-08T14:26:46.000Z",
"dateReserved": "2021-04-13T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:40:31.761Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-30687 (GCVE-0-2021-30687)
Vulnerability from cvelistv5 – Published: 2021-09-08 14:30 – Updated: 2024-08-03 22:40
VLAI
EPSS
Summary
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted image may lead to disclosure of user information.
Severity
No CVSS data available.
CWE
- Processing a maliciously crafted image may lead to disclosure of user information
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://support.apple.com/en-us/HT212528 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212529 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212532 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212533 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212530 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212531 | x_refsource_MISC |
Impacted products
5 products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:40:31.669Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212528"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212529"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212532"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212533"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212530"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212531"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2021",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2021",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "7.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted image may lead to disclosure of user information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted image may lead to disclosure of user information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-08T14:30:10.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212528"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212529"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212532"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212533"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212530"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212531"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2021-30687",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "14.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "11.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2021"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2021"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "14.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "7.5"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted image may lead to disclosure of user information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted image may lead to disclosure of user information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT212528",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212528"
},
{
"name": "https://support.apple.com/en-us/HT212529",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212529"
},
{
"name": "https://support.apple.com/en-us/HT212532",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212532"
},
{
"name": "https://support.apple.com/en-us/HT212533",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212533"
},
{
"name": "https://support.apple.com/en-us/HT212530",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212530"
},
{
"name": "https://support.apple.com/en-us/HT212531",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212531"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2021-30687",
"datePublished": "2021-09-08T14:30:10.000Z",
"dateReserved": "2021-04-13T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:40:31.669Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-30688 (GCVE-0-2021-30688)
Vulnerability from cvelistv5 – Published: 2021-09-08 14:28 – Updated: 2024-08-03 22:40
VLAI
EPSS
Summary
A malicious application may be able to break out of its sandbox. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. A path handling issue was addressed with improved validation.
Severity
No CVSS data available.
CWE
- A path handling issue was addressed with improved validation
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://support.apple.com/en-us/HT212529 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212530 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:40:31.928Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212529"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212530"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2021",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious application may be able to break out of its sandbox. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. A path handling issue was addressed with improved validation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A path handling issue was addressed with improved validation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-08T14:28:32.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212529"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212530"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2021-30688",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "11.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2021"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A malicious application may be able to break out of its sandbox. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. A path handling issue was addressed with improved validation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A path handling issue was addressed with improved validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT212529",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212529"
},
{
"name": "https://support.apple.com/en-us/HT212530",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212530"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2021-30688",
"datePublished": "2021-09-08T14:28:32.000Z",
"dateReserved": "2021-04-13T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:40:31.928Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-30689 (GCVE-0-2021-30689)
Vulnerability from cvelistv5 – Published: 2021-09-08 14:29 – Updated: 2024-08-03 22:40
VLAI
EPSS
Summary
A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting.
Severity
No CVSS data available.
CWE
- Processing maliciously crafted web content may lead to universal cross site scripting
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://support.apple.com/en-us/HT212528 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212529 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212532 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212533 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212534 | x_refsource_MISC |
Impacted products
5 products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:40:31.699Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212528"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212529"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212532"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212533"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212534"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "7.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing maliciously crafted web content may lead to universal cross site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-08T14:29:59.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212528"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212529"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212532"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212533"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212534"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2021-30689",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "14.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "11.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "14.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "7.5"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "14.1"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to universal cross site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT212528",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212528"
},
{
"name": "https://support.apple.com/en-us/HT212529",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212529"
},
{
"name": "https://support.apple.com/en-us/HT212532",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212532"
},
{
"name": "https://support.apple.com/en-us/HT212533",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212533"
},
{
"name": "https://support.apple.com/en-us/HT212534",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212534"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2021-30689",
"datePublished": "2021-09-08T14:29:59.000Z",
"dateReserved": "2021-04-13T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:40:31.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-30690 (GCVE-0-2021-30690)
Vulnerability from cvelistv5 – Published: 2021-09-08 14:27 – Updated: 2024-08-03 22:40
VLAI
EPSS
Summary
Multiple issues in apache were addressed by updating apache to version 2.4.46. This issue is fixed in Security Update 2021-004 Mojave. Multiple issues in apache.
Severity
No CVSS data available.
CWE
- Multiple issues in apache
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.apple.com/en-us/HT212531 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apple | Security Update - Mojave |
Affected:
unspecified , < 2021
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:40:31.921Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212531"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Security Update - Mojave",
"vendor": "Apple",
"versions": [
{
"lessThan": "2021",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple issues in apache were addressed by updating apache to version 2.4.46. This issue is fixed in Security Update 2021-004 Mojave. Multiple issues in apache."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Multiple issues in apache",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-08T14:27:44.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212531"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2021-30690",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Security Update - Mojave",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2021"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple issues in apache were addressed by updating apache to version 2.4.46. This issue is fixed in Security Update 2021-004 Mojave. Multiple issues in apache."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Multiple issues in apache"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT212531",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212531"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2021-30690",
"datePublished": "2021-09-08T14:27:44.000Z",
"dateReserved": "2021-04-13T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:40:31.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-30691 (GCVE-0-2021-30691)
Vulnerability from cvelistv5 – Published: 2021-09-08 14:26 – Updated: 2024-08-03 22:40
VLAI
EPSS
Summary
An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents.
Severity
No CVSS data available.
CWE
- Processing a maliciously crafted USD file may disclose memory contents
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://support.apple.com/en-us/HT212528 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212529 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212530 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212531 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:40:32.063Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212528"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212529"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212530"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212531"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2021",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2021",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted USD file may disclose memory contents",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-08T14:26:38.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212528"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212529"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212530"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212531"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2021-30691",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "14.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "11.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2021"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2021"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted USD file may disclose memory contents"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT212528",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212528"
},
{
"name": "https://support.apple.com/en-us/HT212529",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212529"
},
{
"name": "https://support.apple.com/en-us/HT212530",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212530"
},
{
"name": "https://support.apple.com/en-us/HT212531",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212531"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2021-30691",
"datePublished": "2021-09-08T14:26:38.000Z",
"dateReserved": "2021-04-13T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:40:32.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-30692 (GCVE-0-2021-30692)
Vulnerability from cvelistv5 – Published: 2021-09-08 14:27 – Updated: 2024-08-03 22:40
VLAI
EPSS
Summary
An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents.
Severity
No CVSS data available.
CWE
- Processing a maliciously crafted USD file may disclose memory contents
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://support.apple.com/en-us/HT212528 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212529 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212530 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212531 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:40:31.961Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212528"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212529"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212530"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212531"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2021",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2021",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted USD file may disclose memory contents",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-08T14:27:39.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212528"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212529"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212530"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212531"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2021-30692",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "14.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "11.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2021"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2021"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted USD file may disclose memory contents"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT212528",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212528"
},
{
"name": "https://support.apple.com/en-us/HT212529",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212529"
},
{
"name": "https://support.apple.com/en-us/HT212530",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212530"
},
{
"name": "https://support.apple.com/en-us/HT212531",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212531"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2021-30692",
"datePublished": "2021-09-08T14:27:39.000Z",
"dateReserved": "2021-04-13T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:40:31.961Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-30693 (GCVE-0-2021-30693)
Vulnerability from cvelistv5 – Published: 2021-09-08 14:29 – Updated: 2024-08-03 22:40
VLAI
EPSS
Summary
A validation issue was addressed with improved logic. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted image may lead to arbitrary code execution.
Severity
No CVSS data available.
CWE
- Processing a maliciously crafted image may lead to arbitrary code execution
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://support.apple.com/en-us/HT212528 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212529 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212530 | x_refsource_MISC |
| https://support.apple.com/en-us/HT212531 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:40:32.036Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212528"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212529"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212530"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212531"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2021",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2021",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A validation issue was addressed with improved logic. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted image may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted image may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-08T14:29:43.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212528"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212529"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212530"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212531"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2021-30693",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "14.6"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "11.4"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2021"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2021"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A validation issue was addressed with improved logic. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted image may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted image may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT212528",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212528"
},
{
"name": "https://support.apple.com/en-us/HT212529",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212529"
},
{
"name": "https://support.apple.com/en-us/HT212530",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212530"
},
{
"name": "https://support.apple.com/en-us/HT212531",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212531"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2021-30693",
"datePublished": "2021-09-08T14:29:43.000Z",
"dateReserved": "2021-04-13T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:40:32.036Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…