CVE-2021-30952

Warnung

Medienbericht

Exploit

EPSS 1.24%
Veröffentlicht 24.08.2021 19:15:21
Zuletzt bearbeitet 06.03.2026 13:44:17
Quelle product-security@apple.com
CVE-Watchlists
Login
Unerledigt
Login

An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

Betroffene Produkte Warnungen 1 Metriken 4 CWE 1 Referenzen 16

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Apple ≫ Safari Version < 15.2

Apple ≫ iPadOS Version < 15.2

Apple ≫ iPhone OS Version < 15.2

Apple ≫ macOS Version >= 12.0 < 12.1

Apple ≫ tvOS Version < 15.2

Apple ≫ watchOS Version < 8.3

Fedoraproject ≫ Fedora Version34

Fedoraproject ≫ Fedora Version35

Debian ≫ Debian Linux Version10.0

Debian ≫ Debian Linux Version11.0

Webkitgtk ≫ Webkitgtk Version < 2.34.4

Wpewebkit ≫ Wpe Webkit Version < 2.34.4

05.03.2026: CISA Known Exploited Vulnerabilities (KEV) Catalog

Apple Multiple Products Integer Overflow or Wraparound Vulnerability

Schwachstelle

Apple tvOS, macOS, Safari, iPadOS and watchOS contain an integer overflow or wraparound vulnerability due to the processing of maliciously crafted web content that may lead to arbitrary code execution.

Beschreibung

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Erforderliche Maßnahmen

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.24%	0.791

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P
134c704f-9b21-4f2e-91b3-4a467353bcc0	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

https://www.heise.de/news/Warnung-vor-Angriffen-auf-Hikvision-Rockwell-Automation-und-Apple-Produkte-11201384.html

Medienbericht

heise Security

06.03.2026 09:46

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EQVZ3CEMTINLBZ7PBC7WRXVEVCRHNSM/

Broken Link

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQKWD4BXRDD2YGR5AVU7H5J5PIQIEU6V/

Broken Link

https://support.apple.com/en-us/HT212975

Vendor Advisory

Release Notes

https://support.apple.com/en-us/HT212976