7.8

CVE-2021-30846

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleSafari Version < 15.0
AppleiPadOS Version < 14.8
AppleiPhone OS Version < 14.8
ApplemacOS Version < 12.0.1
AppletvOS Version < 15.0
ApplewatchOS Version < 8.0
DebianDebian Linux Version10.0
DebianDebian Linux Version11.0
FedoraprojectFedora Version33
FedoraprojectFedora Version34
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.27% 0.66
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

http://seclists.org/fulldisclosure/2021/Oct/61
Third Party Advisory
Mailing List
http://seclists.org/fulldisclosure/2021/Oct/62
Third Party Advisory
Mailing List
http://seclists.org/fulldisclosure/2021/Oct/63
Third Party Advisory
Mailing List
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H6MGXCX7P5AHWOQ6IRT477UKT7IS4DAD/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ON5SDVVPVPCAGFPW2GHYATZVZYLPW2L4/
https://support.apple.com/en-us/HT212814
Vendor Advisory
https://support.apple.com/en-us/HT212815
Vendor Advisory
https://support.apple.com/en-us/HT212816
Vendor Advisory
https://support.apple.com/en-us/HT212819
Vendor Advisory
https://support.apple.com/kb/HT212869
Vendor Advisory
https://www.debian.org/security/2021/dsa-4995
Third Party Advisory
https://www.debian.org/security/2021/dsa-4996
Third Party Advisory
https://support.apple.com/en-us/HT212807
Vendor Advisory
http://www.openwall.com/lists/oss-security/2021/10/26/9
Mailing List
http://www.openwall.com/lists/oss-security/2021/10/27/1
Mailing List
http://www.openwall.com/lists/oss-security/2021/10/27/2
Mailing List
http://www.openwall.com/lists/oss-security/2021/10/27/4
Mailing List
http://seclists.org/fulldisclosure/2021/Oct/60
Third Party Advisory
Mailing List