CVE-2021-30849 - Vulnerability Details

Vendors	Products
Apple	Ipados Iphone Os Itunes Macos Safari Tvos Watchos
Redhat	Enterprise Linux Rhel Els

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 7 Extended Lifecycle Support
webkitgtk4-0:2.48.3-2.el7_9	cpe:/o:redhat:rhel_els:7	RHSA-2025:10364	2025-07-07T00:00:00Z
Red Hat Enterprise Linux 8
webkit2gtk3-0:2.34.6-1.el8	cpe:/a:redhat:enterprise_linux:8	RHSA-2022:1777	2022-05-10T00:00:00Z

Link	Providers
http://seclists.org/fulldisclosure/2021/Oct/60
http://seclists.org/fulldisclosure/2021/Oct/61
http://seclists.org/fulldisclosure/2021/Oct/62
http://seclists.org/fulldisclosure/2021/Oct/63
http://www.openwall.com/lists/oss-security/2021/10/26/9
http://www.openwall.com/lists/oss-security/2021/10/27/1
http://www.openwall.com/lists/oss-security/2021/10/27/2
http://www.openwall.com/lists/oss-security/2021/10/27/4
https://nvd.nist.gov/vuln/detail/CVE-2021-30849
https://support.apple.com/en-us/HT212807
https://support.apple.com/en-us/HT212814
https://support.apple.com/en-us/HT212815
https://support.apple.com/en-us/HT212816
https://support.apple.com/en-us/HT212817
https://support.apple.com/en-us/HT212819
https://support.apple.com/kb/HT212869
https://support.apple.com/kb/HT212953
https://www.cve.org/CVERecord?id=CVE-2021-30849

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00303}`	epss `{'score': 0.00321}`

Type	Values Removed	Values Added
First Time appeared		Redhat rhel Els
CPEs		cpe:/o:redhat:rhel_els:7
Vendors & Products		Redhat rhel Els

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "iOS and iPadOS", "vendor": "Apple", "versions": [{"lessThan": "14.8", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "iOS and iPadOS", "vendor": "Apple", "versions": [{"lessThan": "15", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "tvOS", "vendor": "Apple", "versions": [{"lessThan": "15", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Safari", "vendor": "Apple", "versions": [{"lessThan": "15", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "iTunes for Windows", "vendor": "Apple", "versions": [{"lessThan": "12.12", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "watchOS", "vendor": "Apple", "versions": [{"lessThan": "8", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution."}], "problemTypes": [{"descriptions": [{"description": "Processing maliciously crafted web content may lead to arbitrary code execution", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-11-19T12:06:18", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/en-us/HT212807"}, {"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/en-us/HT212814"}, {"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/en-us/HT212819"}, {"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/en-us/HT212815"}, {"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/en-us/HT212817"}, {"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/en-us/HT212816"}, {"name": "[oss-security] 20211026 WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2021/10/26/9"}, {"name": "[oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2021/10/27/1"}, {"name": "[oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2021/10/27/2"}, {"name": "20211027 APPLE-SA-2021-10-26-8 Additional information for APPLE-SA-2021-09-20-5 Safari 15", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2021/Oct/60"}, {"name": "20211027 APPLE-SA-2021-10-26-10 Additional information for APPLE-SA-2021-09-20-2 watchOS 8", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2021/Oct/62"}, {"name": "20211027 APPLE-SA-2021-10-26-11 Additional information for APPLE-SA-2021-09-20-3 tvOS 15", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2021/Oct/63"}, {"name": "20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2021/Oct/61"}, {"name": "[oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2021/10/27/4"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.apple.com/kb/HT212869"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.apple.com/kb/HT212953"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "product-security@apple.com", "ID": "CVE-2021-30849", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "iOS and iPadOS", "version": {"version_data": [{"version_affected": "<", "version_value": "14.8"}]}}, {"product_name": "iOS and iPadOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15"}]}}, {"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15"}]}}, {"product_name": "Safari", "version": {"version_data": [{"version_affected": "<", "version_value": "15"}]}}, {"product_name": "iTunes for Windows", "version": {"version_data": [{"version_affected": "<", "version_value": "12.12"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "8"}]}}]}, "vendor_name": "Apple"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Processing maliciously crafted web content may lead to arbitrary code execution"}]}]}, "references": {"reference_data": [{"name": "https://support.apple.com/en-us/HT212807", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212807"}, {"name": "https://support.apple.com/en-us/HT212814", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212814"}, {"name": "https://support.apple.com/en-us/HT212819", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212819"}, {"name": "https://support.apple.com/en-us/HT212815", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212815"}, {"name": "https://support.apple.com/en-us/HT212817", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212817"}, {"name": "https://support.apple.com/en-us/HT212816", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212816"}, {"name": "[oss-security] 20211026 WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/10/26/9"}, {"name": "[oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/10/27/1"}, {"name": "[oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/10/27/2"}, {"name": "20211027 APPLE-SA-2021-10-26-8 Additional information for APPLE-SA-2021-09-20-5 Safari 15", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2021/Oct/60"}, {"name": "20211027 APPLE-SA-2021-10-26-10 Additional information for APPLE-SA-2021-09-20-2 watchOS 8", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2021/Oct/62"}, {"name": "20211027 APPLE-SA-2021-10-26-11 Additional information for APPLE-SA-2021-09-20-3 tvOS 15", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2021/Oct/63"}, {"name": "20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2021/Oct/61"}, {"name": "[oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/10/27/4"}, {"name": "https://support.apple.com/kb/HT212869", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT212869"}, {"name": "https://support.apple.com/kb/HT212953", "refsource": "CONFIRM", "url": "https://support.apple.com/kb/HT212953"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T22:48:13.917Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/en-us/HT212807"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/en-us/HT212814"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/en-us/HT212819"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/en-us/HT212815"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/en-us/HT212817"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/en-us/HT212816"}, {"name": "[oss-security] 20211026 WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2021/10/26/9"}, {"name": "[oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2021/10/27/1"}, {"name": "[oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2021/10/27/2"}, {"name": "20211027 APPLE-SA-2021-10-26-8 Additional information for APPLE-SA-2021-09-20-5 Safari 15", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2021/Oct/60"}, {"name": "20211027 APPLE-SA-2021-10-26-10 Additional information for APPLE-SA-2021-09-20-2 watchOS 8", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2021/Oct/62"}, {"name": "20211027 APPLE-SA-2021-10-26-11 Additional information for APPLE-SA-2021-09-20-3 tvOS 15", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2021/Oct/63"}, {"name": "20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2021/Oct/61"}, {"name": "[oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2021/10/27/4"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.apple.com/kb/HT212869"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.apple.com/kb/HT212953"}]}]}, "cveMetadata": {"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2021-30849", "datePublished": "2021-10-19T13:11:42", "dateReserved": "2021-04-13T00:00:00", "dateUpdated": "2024-08-03T22:48:13.917Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : iOS and iPadOS (string)

vendor : Apple (string)

versions : [ »

0 : { »

lessThan : 14.8 (string)

status : affected (string)

version : unspecified (string)

versionType : custom (string)

}

]

}

1 : { »

product : iOS and iPadOS (string)

vendor : Apple (string)

versions : [ »

0 : { »

lessThan : 15 (string)

status : affected (string)

version : unspecified (string)

versionType : custom (string)

}

]

}

2 : { »

product : tvOS (string)

vendor : Apple (string)

versions : [ »

0 : { »

lessThan : 15 (string)

status : affected (string)

version : unspecified (string)

versionType : custom (string)

}

]

}

3 : { »

product : Safari (string)

vendor : Apple (string)

versions : [ »

0 : { »

lessThan : 15 (string)

status : affected (string)

version : unspecified (string)

versionType : custom (string)

}

]

}

4 : { »

product : iTunes for Windows (string)

vendor : Apple (string)

versions : [ »

0 : { »

lessThan : 12.12 (string)

status : affected (string)

version : unspecified (string)

versionType : custom (string)

}

]

}

5 : { »

product : watchOS (string)

vendor : Apple (string)

versions : [ »

0 : { »

lessThan : 8 (string)

status : affected (string)

version : unspecified (string)

versionType : custom (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : Processing maliciously crafted web content may lead to arbitrary code execution (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2021-11-19T12:06:18 (string)

orgId : 286789f9-fbc2-4510-9f9a-43facdede74c (string)

shortName : apple (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://support.apple.com/en-us/HT212807 (string)

}

1 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://support.apple.com/en-us/HT212814 (string)

}

2 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://support.apple.com/en-us/HT212819 (string)

}

3 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://support.apple.com/en-us/HT212815 (string)

}

4 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://support.apple.com/en-us/HT212817 (string)

}

5 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://support.apple.com/en-us/HT212816 (string)

}

6 : { »

name : [oss-security] 20211026 WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

]

url : http://www.openwall.com/lists/oss-security/2021/10/26/9 (string)

}

7 : { »

name : [oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

]

url : http://www.openwall.com/lists/oss-security/2021/10/27/1 (string)

}

8 : { »

name : [oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

]

url : http://www.openwall.com/lists/oss-security/2021/10/27/2 (string)

}

9 : { »

name : 20211027 APPLE-SA-2021-10-26-8 Additional information for APPLE-SA-2021-09-20-5 Safari 15 (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_FULLDISC (string)

]

url : http://seclists.org/fulldisclosure/2021/Oct/60 (string)

}

10 : { »

name : 20211027 APPLE-SA-2021-10-26-10 Additional information for APPLE-SA-2021-09-20-2 watchOS 8 (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_FULLDISC (string)

]

url : http://seclists.org/fulldisclosure/2021/Oct/62 (string)

}

11 : { »

name : 20211027 APPLE-SA-2021-10-26-11 Additional information for APPLE-SA-2021-09-20-3 tvOS 15 (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_FULLDISC (string)

]

url : http://seclists.org/fulldisclosure/2021/Oct/63 (string)

}

12 : { »

name : 20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15 (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_FULLDISC (string)

]

url : http://seclists.org/fulldisclosure/2021/Oct/61 (string)

}

13 : { »

name : [oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

]

url : http://www.openwall.com/lists/oss-security/2021/10/27/4 (string)

}

14 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://support.apple.com/kb/HT212869 (string)

}

15 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://support.apple.com/kb/HT212953 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : product-security@apple.com (string)

ID : CVE-2021-30849 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : iOS and iPadOS (string)

version : { »

version_data : [ »

0 : { »

version_affected : < (string)

version_value : 14.8 (string)

}

]

}

1 : { »

product_name : iOS and iPadOS (string)

version : { »

version_data : [ »

0 : { »

version_affected : < (string)

version_value : 15 (string)

}

]

}

2 : { »

product_name : tvOS (string)

version : { »

version_data : [ »

0 : { »

version_affected : < (string)

version_value : 15 (string)

}

]

}

3 : { »

product_name : Safari (string)

version : { »

version_data : [ »

0 : { »

version_affected : < (string)

version_value : 15 (string)

}

]

}

4 : { »

product_name : iTunes for Windows (string)

version : { »

version_data : [ »

0 : { »

version_affected : < (string)

version_value : 12.12 (string)

}

]

}

5 : { »

product_name : watchOS (string)

version : { »

version_data : [ »

0 : { »

version_affected : < (string)

version_value : 8 (string)

}

]

}

]

}

vendor_name : Apple (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : Processing maliciously crafted web content may lead to arbitrary code execution (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://support.apple.com/en-us/HT212807 (string)

refsource : MISC (string)

url : https://support.apple.com/en-us/HT212807 (string)

}

1 : { »

name : https://support.apple.com/en-us/HT212814 (string)

refsource : MISC (string)

url : https://support.apple.com/en-us/HT212814 (string)

}

2 : { »

name : https://support.apple.com/en-us/HT212819 (string)

refsource : MISC (string)

url : https://support.apple.com/en-us/HT212819 (string)

}

3 : { »

name : https://support.apple.com/en-us/HT212815 (string)

refsource : MISC (string)

url : https://support.apple.com/en-us/HT212815 (string)

}

4 : { »

name : https://support.apple.com/en-us/HT212817 (string)

refsource : MISC (string)

url : https://support.apple.com/en-us/HT212817 (string)

}

5 : { »

name : https://support.apple.com/en-us/HT212816 (string)

refsource : MISC (string)

url : https://support.apple.com/en-us/HT212816 (string)

}

6 : { »

name : [oss-security] 20211026 WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 (string)

refsource : MLIST (string)

url : http://www.openwall.com/lists/oss-security/2021/10/26/9 (string)

}

7 : { »

name : [oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 (string)

refsource : MLIST (string)

url : http://www.openwall.com/lists/oss-security/2021/10/27/1 (string)

}

8 : { »

name : [oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 (string)

refsource : MLIST (string)

url : http://www.openwall.com/lists/oss-security/2021/10/27/2 (string)

}

9 : { »

name : 20211027 APPLE-SA-2021-10-26-8 Additional information for APPLE-SA-2021-09-20-5 Safari 15 (string)

refsource : FULLDISC (string)

url : http://seclists.org/fulldisclosure/2021/Oct/60 (string)

}

10 : { »

name : 20211027 APPLE-SA-2021-10-26-10 Additional information for APPLE-SA-2021-09-20-2 watchOS 8 (string)

refsource : FULLDISC (string)

url : http://seclists.org/fulldisclosure/2021/Oct/62 (string)

}

11 : { »

name : 20211027 APPLE-SA-2021-10-26-11 Additional information for APPLE-SA-2021-09-20-3 tvOS 15 (string)

refsource : FULLDISC (string)

url : http://seclists.org/fulldisclosure/2021/Oct/63 (string)

}

12 : { »

name : 20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15 (string)

refsource : FULLDISC (string)

url : http://seclists.org/fulldisclosure/2021/Oct/61 (string)

}

13 : { »

name : [oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 (string)

refsource : MLIST (string)

url : http://www.openwall.com/lists/oss-security/2021/10/27/4 (string)

}

14 : { »

name : https://support.apple.com/kb/HT212869 (string)

refsource : CONFIRM (string)

url : https://support.apple.com/kb/HT212869 (string)

}

15 : { »

name : https://support.apple.com/kb/HT212953 (string)

refsource : CONFIRM (string)

url : https://support.apple.com/kb/HT212953 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-03T22:48:13.917Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://support.apple.com/en-us/HT212807 (string)

}

1 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://support.apple.com/en-us/HT212814 (string)

}

2 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://support.apple.com/en-us/HT212819 (string)

}

3 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://support.apple.com/en-us/HT212815 (string)

}

4 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://support.apple.com/en-us/HT212817 (string)

}

5 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://support.apple.com/en-us/HT212816 (string)

}

6 : { »

name : [oss-security] 20211026 WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

2 : x_transferred (string)

]

url : http://www.openwall.com/lists/oss-security/2021/10/26/9 (string)

}

7 : { »

name : [oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

2 : x_transferred (string)

]

url : http://www.openwall.com/lists/oss-security/2021/10/27/1 (string)

}

8 : { »

name : [oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

2 : x_transferred (string)

]

url : http://www.openwall.com/lists/oss-security/2021/10/27/2 (string)

}

9 : { »

name : 20211027 APPLE-SA-2021-10-26-8 Additional information for APPLE-SA-2021-09-20-5 Safari 15 (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_FULLDISC (string)

2 : x_transferred (string)

]

url : http://seclists.org/fulldisclosure/2021/Oct/60 (string)

}

10 : { »

name : 20211027 APPLE-SA-2021-10-26-10 Additional information for APPLE-SA-2021-09-20-2 watchOS 8 (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_FULLDISC (string)

2 : x_transferred (string)

]

url : http://seclists.org/fulldisclosure/2021/Oct/62 (string)

}

11 : { »

name : 20211027 APPLE-SA-2021-10-26-11 Additional information for APPLE-SA-2021-09-20-3 tvOS 15 (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_FULLDISC (string)

2 : x_transferred (string)

]

url : http://seclists.org/fulldisclosure/2021/Oct/63 (string)

}

12 : { »

name : 20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15 (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_FULLDISC (string)

2 : x_transferred (string)

]

url : http://seclists.org/fulldisclosure/2021/Oct/61 (string)

}

13 : { »

name : [oss-security] 20211027 Re: WebKitGTK and WPE WebKit Security Advisory WSA-2021-0006 (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

2 : x_transferred (string)

]

url : http://www.openwall.com/lists/oss-security/2021/10/27/4 (string)

}

14 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://support.apple.com/kb/HT212869 (string)

}

15 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://support.apple.com/kb/HT212953 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 286789f9-fbc2-4510-9f9a-43facdede74c (string)

assignerShortName : apple (string)

cveId : CVE-2021-30849 (string)

datePublished : 2021-10-19T13:11:42 (string)

dateReserved : 2021-04-13T00:00:00 (string)

dateUpdated : 2024-08-03T22:48:13.917Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:*", "matchCriteriaId": "CB49B700-7A2F-4696-A96B-059F4DDE91B9", "versionEndExcluding": "12.12", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "F80E547D-86D4-4790-8C0B-8222019C476D", "versionEndExcluding": "15.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "matchCriteriaId": "FCD67B72-0B1D-46A8-A149-8149ED749FEC", "versionEndExcluding": "14.8", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "56F86481-D995-43D7-982F-5DC6E4682A65", "versionEndExcluding": "14.8", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "579B2A0D-A84F-45C2-B545-35ECEA3297DA", "versionEndExcluding": "12.0.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "matchCriteriaId": "B32A978E-673C-421D-93A1-CA84D90B67E4", "versionEndExcluding": "15.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "matchCriteriaId": "5364285F-B3F2-465B-B738-2FC1C8913A44", "versionEndExcluding": "8.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution."}, {"lang": "es", "value": "Se han abordado m\u00faltiples problemas de corrupci\u00f3n de memoria con un manejo de memoria mejorado. Este problema es corregido en iOS versi\u00f3n 14.8 y iPadOS versi\u00f3n 14.8, watchOS versi\u00f3n 8, Safari versi\u00f3n 15, tvOS versi\u00f3n 15, iOS versi\u00f3n 15 y iPadOS versi\u00f3n 15, iTunes versi\u00f3n 12.12 para Windows. El procesamiento de contenido web dise\u00f1ado de forma maliciosa puede conllevar a una ejecuci\u00f3n de c\u00f3digo arbitrario"}], "id": "CVE-2021-30849", "lastModified": "2024-11-21T06:04:50.257", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-10-19T14:15:09.770", "references": [{"source": "product-security@apple.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2021/Oct/60"}, {"source": "product-security@apple.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2021/Oct/61"}, {"source": "product-security@apple.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2021/Oct/62"}, {"source": "product-security@apple.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2021/Oct/63"}, {"source": "product-security@apple.com", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2021/10/26/9"}, {"source": "product-security@apple.com", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2021/10/27/1"}, {"source": "product-security@apple.com", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2021/10/27/2"}, {"source": "product-security@apple.com", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2021/10/27/4"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT212807"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT212814"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT212815"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT212816"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT212817"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT212819"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/kb/HT212869"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/kb/HT212953"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2021/Oct/60"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2021/Oct/61"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2021/Oct/62"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2021/Oct/63"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2021/10/26/9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2021/10/27/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2021/10/27/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2021/10/27/4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT212807"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT212814"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT212815"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT212816"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT212817"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT212819"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/kb/HT212869"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/kb/HT212953"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:* (string)

matchCriteriaId : CB49B700-7A2F-4696-A96B-059F4DDE91B9 (string)

versionEndExcluding : 12.12 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* (string)

matchCriteriaId : F80E547D-86D4-4790-8C0B-8222019C476D (string)

versionEndExcluding : 15.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* (string)

matchCriteriaId : FCD67B72-0B1D-46A8-A149-8149ED749FEC (string)

versionEndExcluding : 14.8 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 56F86481-D995-43D7-982F-5DC6E4682A65 (string)

versionEndExcluding : 14.8 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 579B2A0D-A84F-45C2-B545-35ECEA3297DA (string)

versionEndExcluding : 12.0.1 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : B32A978E-673C-421D-93A1-CA84D90B67E4 (string)

versionEndExcluding : 15.0 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 5364285F-B3F2-465B-B738-2FC1C8913A44 (string)

versionEndExcluding : 8.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. (string)

}

1 : { »

lang : es (string)

value : Se han abordado múltiples problemas de corrupción de memoria con un manejo de memoria mejorado. Este problema es corregido en iOS versión 14.8 y iPadOS versión 14.8, watchOS versión 8, Safari versión 15, tvOS versión 15, iOS versión 15 y iPadOS versión 15, iTunes versión 12.12 para Windows. El procesamiento de contenido web diseñado de forma maliciosa puede conllevar a una ejecución de código arbitrario (string)

}

]

id : CVE-2021-30849 (string)

lastModified : 2024-11-21T06:04:50.257 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 6.8 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:M/Au:N/C:P/I:P/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 6.4 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : true (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 7.8 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : REQUIRED (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 5.9 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2021-10-19T14:15:09.770 (string)

references : [ »

0 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://seclists.org/fulldisclosure/2021/Oct/60 (string)

}

1 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://seclists.org/fulldisclosure/2021/Oct/61 (string)

}

2 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://seclists.org/fulldisclosure/2021/Oct/62 (string)

}

3 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://seclists.org/fulldisclosure/2021/Oct/63 (string)

}

4 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Mailing List (string)

]

url : http://www.openwall.com/lists/oss-security/2021/10/26/9 (string)

}

5 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Mailing List (string)

]

url : http://www.openwall.com/lists/oss-security/2021/10/27/1 (string)

}

6 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Mailing List (string)

]

url : http://www.openwall.com/lists/oss-security/2021/10/27/2 (string)

}

7 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Mailing List (string)

]

url : http://www.openwall.com/lists/oss-security/2021/10/27/4 (string)

}

8 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT212807 (string)

}

9 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT212814 (string)

}

10 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT212815 (string)

}

11 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT212816 (string)

}

12 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT212817 (string)

}

13 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT212819 (string)

}

14 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/kb/HT212869 (string)

}

15 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/kb/HT212953 (string)

}

16 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://seclists.org/fulldisclosure/2021/Oct/60 (string)

}

17 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://seclists.org/fulldisclosure/2021/Oct/61 (string)

}

18 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://seclists.org/fulldisclosure/2021/Oct/62 (string)

}

19 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://seclists.org/fulldisclosure/2021/Oct/63 (string)

}

20 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

]

url : http://www.openwall.com/lists/oss-security/2021/10/26/9 (string)

}

21 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

]

url : http://www.openwall.com/lists/oss-security/2021/10/27/1 (string)

}

22 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

]

url : http://www.openwall.com/lists/oss-security/2021/10/27/2 (string)

}

23 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

]

url : http://www.openwall.com/lists/oss-security/2021/10/27/4 (string)

}

24 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT212807 (string)

}

25 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT212814 (string)

}

26 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT212815 (string)

}

27 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT212816 (string)

}

28 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT212817 (string)

}

29 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT212819 (string)

}

30 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/kb/HT212869 (string)

}

31 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/kb/HT212953 (string)

}

]

sourceIdentifier : product-security@apple.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-787 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Show plain JSON

{"affected_release": [{"advisory": "RHSA-2025:10364", "cpe": "cpe:/o:redhat:rhel_els:7", "package": "webkitgtk4-0:2.48.3-2.el7_9", "product_name": "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2022:1777", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "webkit2gtk3-0:2.34.6-1.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-05-10T00:00:00Z"}], "bugzilla": {"description": "webkitgtk: Multiple memory corruption issue leading to arbitrary code execution", "id": "2017904", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2017904"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-787", "details": ["Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution."], "name": "CVE-2021-30849", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "webkitgtk", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "webkitgtk3", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "webkit2gtk3", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2021-10-26T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-30849\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-30849"], "threat_severity": "Moderate"}

{

affected_release : [ »

0 : { »

advisory : RHSA-2025:10364 (string)

cpe : cpe:/o:redhat:rhel_els:7 (string)

package : webkitgtk4-0:2.48.3-2.el7_9 (string)

product_name : Red Hat Enterprise Linux 7 Extended Lifecycle Support (string)

release_date : 2025-07-07T00:00:00Z (string)

}

1 : { »

advisory : RHSA-2022:1777 (string)

cpe : cpe:/a:redhat:enterprise_linux:8 (string)

package : webkit2gtk3-0:2.34.6-1.el8 (string)

product_name : Red Hat Enterprise Linux 8 (string)

release_date : 2022-05-10T00:00:00Z (string)

}

]

bugzilla : { »

description : webkitgtk: Multiple memory corruption issue leading to arbitrary code execution (string)

id : 2017904 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=2017904 (string)

}

csaw : false (boolean)

cvss3 : { »

cvss3_base_score : 7.8 (string)

cvss3_scoring_vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (string)

status : verified (string)

}

cwe : CWE-787 (string)

details : [ »

0 : Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. (string)

]

name : CVE-2021-30849 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

fix_state : Out of support scope (string)

package_name : webkitgtk (string)

product_name : Red Hat Enterprise Linux 6 (string)

}

1 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : webkitgtk3 (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

2 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Not affected (string)

package_name : webkit2gtk3 (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

]

public_date : 2021-10-26T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2021-30849 https://nvd.nist.gov/vuln/detail/CVE-2021-30849 (string)

]

threat_severity : Moderate (string)

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object