cbcvebase.
CVE-2021-30887
published 2021-08-24

CVE-2021-30887: A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1…

PriorityP432medium6.5CVSS 3.1
AVNACLPRNUIRSUCNIHAN
EPSS
1.60%
72.9th percentile
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy.

Affected

20 ranges
VendorProductVersion rangeFixed in
appleios_15.1_and_ipados
appleios_and_ipados>= unspecified < 15.115.1
appleipados< 15.115.1
appleiphone_os< 15.115.1
applemacos< 12.0.112.0.1
applemacos>= unspecified < 12.012.0
applemacos>= unspecified < 8.18.1
applemacos>= unspecified < 15.115.1
applemacos_monterey
applesafari
appletvos< 15.115.1
appletvos
applewatchos< 8.18.1
applewatchos
debiandebian_linux
debiandebian_linux
debianwebkit2gtk< webkit2gtk 2.34.3-1 (bookworm)webkit2gtk 2.34.3-1 (bookworm)
debianwpewebkit< webkit2gtk 2.34.3-1 (bookworm)webkit2gtk 2.34.3-1 (bookworm)
fedoraprojectfedora
fedoraprojectfedora

CVSS provenance

nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
osv6.5MEDIUM
vendor_debian6.5MEDIUM
vendor_redhat6.5MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.