Apple Macos Big Sur vulnerabilities

CVE-2021-1883 [MEDIUM] CVE-2021-1883: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2021-1883 Component: Heimdal Impact: Processing maliciously crafted server messages may lead to heap corruption Description: This issue was addressed with improved checks.

CVE-2021-30658 [MEDIUM] CVE-2021-30658: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2021-30658 Component: Installer Impact: A malicious application may bypass Gatekeeper checks Description: This issue was addressed with improved handling of file metadata.

CVE-2021-1824 [MEDIUM] CVE-2021-1824: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2021-1824 Component: Login Window Impact: A malicious application with root privileges may be able to access private information Description: This issue was addressed with improved entitlements.

CVE-2021-1855 [MEDIUM] CVE-2021-1855: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2021-1855 Component: Safari Impact: A malicious website may be able to force unnecessary network connections to fetch its favicon Description: A logic issue was addressed with improved state management.

CVE-2021-1860 [MEDIUM] CVE-2021-1860: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2021-1860 Component: Kernel Impact: A malicious application may be able to disclose kernel memory Description: A memory initialization issue was addressed with improved memory handling.

CVE-2021-1878 [MEDIUM] CVE-2021-1878: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2021-1878 Component: Sandbox Impact: A malicious application may be able to access the user's recent contacts Description: The issue was addressed with improved permissions logic.

CVE-2021-1857 [MEDIUM] CVE-2021-1857: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2021-1857 Component: CFNetwork Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A memory initialization issue was addressed with improved memory handling.

CVE-2021-1739 [MEDIUM] CVE-2021-1739: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2021-1739 Component: Preferences Impact: A local user may be able to modify protected parts of the file system Description: A parsing issue in the handling of directory paths was addressed with improved path validation.

CVE-2020-7463 [MEDIUM] CVE-2020-7463: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2020-7463 Component: WebRTC Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory Description: A use after free issue was addressed with improved memory management.

CVE-2021-1820 [MEDIUM] CVE-2021-1820: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2021-1820 Component: WebKit Impact: Processing maliciously crafted web content may result in the disclosure of process memory Description: A memory initialization issue was addressed with improved memory handling.

CVE-2021-30657 [MEDIUM] CVE-2021-30657: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2021-30657 Component: System Preferences Impact: A malicious application may bypass Gatekeeper checks. Apple is aware of a report that this issue may have been actively exploited. Description: A logic issue was addressed with improved state management.

CVE-2021-1825 [MEDIUM] CVE-2021-1825: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2021-1825 Component: WebKit Impact: Processing maliciously crafted web content may lead to a cross site scripting attack Description: An input validation issue was addressed with improved input validation.

CVE-2021-30750 [MEDIUM] CVE-2021-30750: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2021-30750 Component: Sandbox Impact: A malicious application may be able to access the user's recent contacts Description: The issue was addressed with improved permissions logic.

CVE-2021-1832 [MEDIUM] CVE-2021-1832: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2021-1832 Component: Kernel Impact: Copied files may not have the expected file permissions Description: The issue was addressed with improved permissions logic.

CVE-2020-8284 [LOW] CVE-2020-8284: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2020-8284 Component: CoreText Impact: Processing a maliciously crafted font may result in the disclosure of process memory Description: A logic issue was addressed with improved state management.