Apple Security Update 2021-004 Mojave vulnerabilities

CVE-2021-30687 [MEDIUM] CVE-2021-30687: Security Update 2021-004 Mojave Apple Security Update: About the security content of Security Update 2021-004 Mojave Product: Security Update 2021-004 Mojave CVE: CVE-2021-30687 Component: ImageIO Impact: Processing a maliciously crafted image may lead to disclosure of user information Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2021-30746 [MEDIUM] CVE-2021-30746: Security Update 2021-004 Mojave Apple Security Update: About the security content of Security Update 2021-004 Mojave Product: Security Update 2021-004 Mojave CVE: CVE-2021-30746 Component: Model I/O Impact: Processing a maliciously crafted USD file may disclose memory contents Description: An out-of-bounds read was addressed with improved input validation.

CVE-2021-30702 [MEDIUM] CVE-2021-30702: Security Update 2021-004 Mojave Apple Security Update: About the security content of Security Update 2021-004 Mojave Product: Security Update 2021-004 Mojave CVE: CVE-2021-30702 Component: Login Window Impact: A person with physical access to a Mac may be able to bypass Login Window Description: A logic issue was addressed with improved state management.

CVE-2021-30695 [MEDIUM] CVE-2021-30695: Security Update 2021-004 Mojave Apple Security Update: About the security content of Security Update 2021-004 Mojave Product: Security Update 2021-004 Mojave CVE: CVE-2021-30695 Component: Model I/O Impact: Processing a maliciously crafted USD file may disclose memory contents Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2021-30705 [MEDIUM] CVE-2021-30705: Security Update 2021-004 Mojave Apple Security Update: About the security content of Security Update 2021-004 Mojave Product: Security Update 2021-004 Mojave CVE: CVE-2021-30705 Component: ImageIO Impact: Processing a maliciously crafted ASTC file may disclose memory contents Description: This issue was addressed with improved checks.

CVE-2021-30692 [MEDIUM] CVE-2021-30692: Security Update 2021-004 Mojave Apple Security Update: About the security content of Security Update 2021-004 Mojave Product: Security Update 2021-004 Mojave CVE: CVE-2021-30692 Component: Model I/O Impact: Processing a maliciously crafted USD file may disclose memory contents Description: An information disclosure issue was addressed with improved state management.

CVE-2021-30694 [MEDIUM] CVE-2021-30694: Security Update 2021-004 Mojave Apple Security Update: About the security content of Security Update 2021-004 Mojave Product: Security Update 2021-004 Mojave CVE: CVE-2021-30694 Component: Model I/O Impact: Processing a maliciously crafted USD file may disclose memory contents Description: An information disclosure issue was addressed with improved state management.

CVE-2021-30722 [MEDIUM] CVE-2021-30722: Security Update 2021-004 Mojave Apple Security Update: About the security content of Security Update 2021-004 Mojave Product: Security Update 2021-004 Mojave CVE: CVE-2021-30722 Component: Security Impact: A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code Description: Processing a maliciously crafted certificate may lead to arbitrary code execution.

CVE-2021-1883 [MEDIUM] CVE-2021-1883: Security Update 2021-004 Mojave Apple Security Update: About the security content of Security Update 2021-004 Mojave Product: Security Update 2021-004 Mojave CVE: CVE-2021-1883 Component: Heimdal Impact: Processing maliciously crafted server messages may lead to heap corruption Description: This issue was addressed with improved checks.