CVE-2021-1765
published 2021-04-02CVE-2021-1765: This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security…
PriorityP179medium6.5CVSS 3.1
AVNACLPRNUIRSUCNIHAN
ITWVulnCheck KEV
Exploited in the wild
EPSS
1.41%
69.2th percentile
This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | mac_os_x | — | — |
| apple | mac_os_x | — | — |
| apple | mac_os_x | >= 10.14 < 10.14.6 | 10.14.6 |
| apple | mac_os_x | >= 10.15 < 10.15.7 | 10.15.7 |
| apple | macos | >= 11.0 < 11.2 | 11.2 |
| apple | macos | >= unspecified < 11.2 | 11.2 |
| apple | macos_big_sur_11.2_security_update_2021-001_catalina_security_update_2021-001_mo | — | — |
| debian | webkit2gtk | < webkit2gtk 2.30.6-1 (bookworm) | webkit2gtk 2.30.6-1 (bookworm) |
| debian | wpewebkit | < webkit2gtk 2.30.6-1 (bookworm) | webkit2gtk 2.30.6-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| webkitgtk | webkitgtk | < 2.30.6 | 2.30.6 |
Detection & IOCsextracted from sources · hover to see the quote
- →Vulnerability is in the WebKit component; maliciously crafted web content triggers an iframe sandboxing policy violation ↗
- →Affected component is WebKitGTK and WPE WebKit in versions prior to 2.30.6; monitor for exploitation attempts against these versions ↗
- ·Fix is available in WebKitGTK/WPE WebKit 2.30.6 and later; versions prior to 2.30.6 are vulnerable ↗
- ·The highest threat from this vulnerability is to data integrity, not confidentiality or availability ↗
- ·Red Hat Enterprise Linux 9 webkit2gtk3 package is not affected; RHEL 6 and 7 packages are out of support scope ↗
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
osv6.5MEDIUM
vulncheck6.5MEDIUM
vendor_debian6.5MEDIUM
vendor_redhat6.5MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
WebKitGTK vulnerabilities
vendor_ubuntu·2021-03-29
CVE-2021-1765 WebKitGTK vulnerabilities
Title: WebKitGTK vulnerabilities
Summary: Several security issues were fixed in WebKitGTK.
A large number of security issues were discovered in the WebKitGTK Web and
JavaScript engines. If a user were tricked into viewing a malicious
website, a remote attacker could exploit a variety of issues related to web
browser security, including cross-site scripting attacks, denial of service
attacks, and arbitrary code execution.
Instructions: This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK, such as Epiphany, to make all the necessary changes.
Red Hat
webkitgtk: IFrame sandboxing policy violation
vendor_redhat·2021-03-22·CVSS 6.5
CVE-2021-1765 [MEDIUM] CWE-863 webkitgtk: IFrame sandboxing policy violation
webkitgtk: IFrame sandboxing policy violation
This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy.
A flaw was found in WebKitGTK and WPE WebKit in versions prior to 2.30.6. Maliciously crafted web content may violate the iframe sandboxing policy. The highest threat from this vulnerability is to data integrity.
Package: webkitgtk (Red Hat Enterprise Linux 6) - Out of support scope
Package: webkitgtk3 (Red Hat Enterprise Linux 7) - Out of support scope
Package: webkit2gtk3 (Red Hat Enterprise Linux 9) - Not affected
Apple
CVE-2021-1765: macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave
vendor_apple·2021-02-01·CVSS 6.5
CVE-2021-1765 [MEDIUM] CVE-2021-1765: macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave
Apple Security Update: About the security content of macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave
Product: macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave
CVE: CVE-2021-1765
Component: WebKit
Impact: Maliciously crafted web content may violate iframe sandboxing policy
Description: This issue was addressed with improved iframe sandbox enforcement.
Debian
CVE-2021-1765: webkit2gtk - This issue was addressed with improved iframe sandbox enforcement. This issue is...
vendor_debian·2021·CVSS 6.5
CVE-2021-1765 [MEDIUM] CVE-2021-1765: webkit2gtk - This issue was addressed with improved iframe sandbox enforcement. This issue is...
This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy.
Scope: local
bookworm: resolved (fixed in 2.30.6-1)
bullseye: resolved (fixed in 2.30.6-1)
forky: resolved (fixed in 2.30.6-1)
sid: resolved (fixed in 2.30.6-1)
trixie: resolved (fixed in 2.30.6-1)
GHSA
GHSA-872w-fg9q-jgjx: This issue was addressed with improved iframe sandbox enforcement
ghsa_unreviewed·2022-05-24
CVE-2021-1765 [MEDIUM] GHSA-872w-fg9q-jgjx: This issue was addressed with improved iframe sandbox enforcement
This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy.
OSV
CVE-2021-1765: This issue was addressed with improved iframe sandbox enforcement
osv·2021-04-02·CVSS 6.5
CVE-2021-1765 [MEDIUM] CVE-2021-1765: This issue was addressed with improved iframe sandbox enforcement
This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy.
VulnCheck
Google Chromium PopupBlocker Security Bypass Vulnerability
vulncheck·2021·CVSS 6.5
CVE-2021-30533 [MEDIUM] CWE-863 Google Chromium PopupBlocker Security Bypass Vulnerability
Google Chromium PopupBlocker Security Bypass Vulnerability
Google Chromium PopupBlocker contains an insufficient policy enforcement vulnerability that allows a remote attacker to bypass navigation restrictions via a crafted iframe. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Affected: Google Chromium PopupBlocker
Required Action: Apply updates per vendor instructions.
Exploitation References: https://blog.confiant.com/malvertising-threat-actor-yosec-exploits-browser-bugs-to-push-malware-cve-2021-1765-3040dd3c4af1; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
Remediation Due: 2022-07-18
VulnCheck
Apple macOS iframe Sandbox Enforcement Vulnerability
vulncheck·2021·CVSS 6.5
CVE-2021-1765 [MEDIUM] Apple macOS iframe Sandbox Enforcement Vulnerability
Apple macOS iframe Sandbox Enforcement Vulnerability
This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy.
Affected: Apple MacOS X
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://blog.confiant.com/malvertising-threat-actor-yosec-exploits-browser-bugs-to-push-malware-cve-2021-1765-3040dd3c4af1
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN6ZOD62CTO54CHTMJTHVEF6R2Y532TJ/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3L6ZZOU5JS7E3RFYGLP7UFLXCG7TNLU/https://security.gentoo.org/glsa/202104-03https://support.apple.com/en-us/HT212147https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN6ZOD62CTO54CHTMJTHVEF6R2Y532TJ/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3L6ZZOU5JS7E3RFYGLP7UFLXCG7TNLU/https://security.gentoo.org/glsa/202104-03https://support.apple.com/en-us/HT212147
2021-04-02
Published
Exploited in the wild