CVE-2021-30855
published 2021-08-24CVE-2021-30855: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in Security Update…
medium5.5CVSS 3.1
AVLACLPRNUIRSUCHINAN
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, iOS 15 and iPadOS 15, watchOS 8, macOS Big Sur 11.6. An application may be able to access restricted files.
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_14.8_and_ipados | — | — |
| apple | ios_15_and_ipados | — | — |
| apple | ipados | < 14.8 | 14.8 |
| apple | iphone_os | < 14.8 | 14.8 |
| apple | mac_os_x | < 10.15.7 | 10.15.7 |
| apple | mac_os_x | — | — |
| apple | macos | < 11.6 | 11.6 |
| apple | macos | >= unspecified < 11.6 | 11.6 |
| apple | macos | >= unspecified < 2021 | 2021 |
| apple | macos | >= unspecified < 14.8 | 14.8 |
| apple | macos | >= unspecified < 15 | 15 |
| apple | macos | >= unspecified < 8 | 8 |
| apple | macos_big_sur | — | — |
| apple | security_update_2021-005_catalina | — | — |
| apple | tvos | < 15.0 | 15.0 |
| apple | tvos | — | — |
| apple | watchos | < 8.0 | 8.0 |
| apple | watchos_8 | — | — |