7.8

CVE-2021-30848

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleSafari Version < 15.0
AppleiPadOS Version < 14.8
AppleiPhone OS Version < 14.8
ApplemacOS Version < 12.0.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.19% 0.639
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

http://seclists.org/fulldisclosure/2021/Oct/61
Third Party Advisory
Mailing List
https://support.apple.com/en-us/HT212814
Vendor Advisory
https://support.apple.com/en-us/HT212816
Vendor Advisory
https://support.apple.com/kb/HT212869
Vendor Advisory
https://support.apple.com/en-us/HT212807
Vendor Advisory
http://www.openwall.com/lists/oss-security/2021/10/26/9
Mailing List
http://www.openwall.com/lists/oss-security/2021/10/27/1
Mailing List
http://www.openwall.com/lists/oss-security/2021/10/27/2
Mailing List
http://www.openwall.com/lists/oss-security/2021/10/27/4
Mailing List
http://seclists.org/fulldisclosure/2021/Oct/60
Third Party Advisory
Mailing List