CVE-2021-30836
published 2021-10-28CVE-2021-30836: An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15…
medium5.5CVSS 3.1
AVLACLPRNUIRSUCHINAN
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing a maliciously crafted audio file may disclose restricted memory.
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_14.8_and_ipados | — | — |
| apple | ios_15_and_ipados | — | — |
| apple | ios_and_ipados | >= unspecified < 14.8 | 14.8 |
| apple | ios_and_ipados | >= unspecified < 15 | 15 |
| apple | ipados | < 14.8 | 14.8 |
| apple | iphone_os | < 14.8 | 14.8 |
| apple | macos | < 12.0.1 | 12.0.1 |
| apple | macos_monterey | — | — |
| apple | safari | < 15.0.0 | 15.0.0 |
| apple | safari | — | — |
| apple | tvos | < 15.0 | 15.0 |
| apple | tvos | — | — |
| apple | tvos | >= unspecified < 15 | 15 |
| apple | watchos | < 8.0 | 8.0 |
| apple | watchos | >= unspecified < 8 | 8 |
| apple | watchos_8 | — | — |
| debian | webkit2gtk | < webkit2gtk 2.32.4-1 (bookworm) | webkit2gtk 2.32.4-1 (bookworm) |
| debian | wpewebkit | < webkit2gtk 2.32.4-1 (bookworm) | webkit2gtk 2.32.4-1 (bookworm) |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
osv5.5MEDIUM