CVE-2021-30797Improper Input Validation in Apple Macos

CWE-20Improper Input Validation9 documents8 sources
Severity
8.8HIGHNVD
EPSS
0.7%
top 28.59%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Apple IOSApple MacosApple Ipados+4 more
Timeline
PublishedSep 8
Latest updateMay 24

Description

This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages8 packages

NVDapple/tvos< 14.7
CVEListV5apple/macosunspecified11.5+3
NVDapple/macos< 11.5
NVDapple/safari< 14.1.2
NVDapple/watchos< 7.6

🔴Vulnerability Details

3
GHSA
GHSA-q239-wm45-8mwc: This issue was addressed with improved checks2022-05-24
OSV
CVE-2021-30797: This issue was addressed with improved checks2021-09-08
CVEList
CVE-2021-30797: This issue was addressed with improved checks2021-09-08

📋Vendor Advisories

5
Red Hat
webkitgtk: Insufficient checks leading to arbitrary code execution2021-07-28
Ubuntu
WebKitGTK vulnerabilities2021-07-28
Apple
CVE-2021-30797: Safari 14.1.22021-07-19
Debian
CVE-2021-30797: webkit2gtk - This issue was addressed with improved checks. This issue is fixed in iOS 14.7, ...2021
Apple
CVE-2021-30797: iOS 14.7 and iPadOS 14.7
CVE-2021-30797 — Improper Input Validation in Apple | cvebase