CVE-2021-30818Type Confusion in Apple IOS AND Ipados

CWE-843Type Confusion12 documents7 sources
Severity
8.8HIGHNVD
EPSS
0.4%
top 37.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Apple IOS AND IpadosApple SafariApple Tvos+4 more
Timeline
PublishedOct 28
Latest updateMay 24

Description

A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages10 packages

NVDapple/ipados< 14.8
CVEListV5apple/ios_and_ipadosunspecified14.8+1
CVEListV5apple/tvosunspecified15
NVDapple/tvos< 15.0
CVEListV5apple/safariunspecified15

🔴Vulnerability Details

3
GHSA
GHSA-rx33-r3jc-7m3x: A type confusion issue was addressed with improved state handling2022-05-24
OSV
CVE-2021-30818: A type confusion issue was addressed with improved state handling2021-10-28
CVEList
CVE-2021-30818: A type confusion issue was addressed with improved state handling2021-10-28

📋Vendor Advisories

8
Red Hat
webkitgtk: Type confusion issue leading to arbitrary code execution2021-12-20
Apple
CVE-2021-30818: macOS Monterey 12.0.12021-10-25
Apple
CVE-2021-30818: tvOS 152021-09-20
Apple
CVE-2021-30818: iOS 15 and iPadOS 152021-09-20
Apple
CVE-2021-30818: watchOS 82021-09-20
CVE-2021-30818 — Type Confusion in Apple IOS AND Ipados | cvebase