Details of VAR-202109-0276

ID

VAR-202109-0276

CVE

CVE-2021-1810

TITLE

macOS Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-013560

DESCRIPTION

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. A malicious application may bypass Gatekeeper checks. macOS Exists in unspecified vulnerabilities.Information may be tampered with. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Apple macOS is a set of dedicated operating systems developed by Apple Corporation for Mac computers. A permissions and access control issue vulnerability exists in macOS due to the application not properly imposing security restrictions in the archive utility. The following products and versions are affected: Macos: 10.15 19A583, 10.15 19A602, 10.15 19A603, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19d76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15. 5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H4, 10.15.7 19H15, 10.15.7 19H114, 10.15.7 19H512, 10.15.7 19H524, 11.0.0.1 20B299 , 11.0.1 20B50, 11.1 20C69, 11.2 20D64, 11.2.1 20D74, 11.2.1 20D75, 11.2.2 20D80, 11.2.3 20D91. Information about the security content is also available at https://support.apple.com/HT212325. CVE-2021-1853: Gary Nield of ECSC Group plc and Tim Michaud(@TimGMichaud) of Zoom Video Communications AppleMobileFileIntegrity Available for: macOS Big Sur Impact: A malicious application may be able to bypass Privacy preferences Description: An issue in code signature validation was addressed with improved checks. CVE-2021-1849: Siguza Apple Neural Engine Available for: macOS Big Sur Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds read was addressed with improved input validation. CVE-2021-1867: Zuozhi Fan (@pattern_F_) and Wish Wu(吴潍浠) of Ant Group Tianqiong Security Lab Archive Utility Available for: macOS Big Sur Impact: A malicious application may bypass Gatekeeper checks Description: A logic issue was addressed with improved state management. CVE-2021-1810: an anonymous researcher Audio Available for: macOS Big Sur Impact: An application may be able to read restricted memory Description: A memory corruption issue was addressed with improved validation. CVE-2021-1808: JunDong Xie of Ant Security Light-Year Lab CFNetwork Available for: macOS Big Sur Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A memory initialization issue was addressed with improved memory handling. CVE-2021-1857: an anonymous researcher CoreAudio Available for: macOS Big Sur Impact: Processing a maliciously crafted audio file may disclose restricted memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2021-1846: JunDong Xie of Ant Security Light-Year Lab CoreAudio Available for: macOS Big Sur Impact: A malicious application may be able to read restricted memory Description: A memory corruption issue was addressed with improved validation. CVE-2021-1809: JunDong Xie of Ant Security Light-Year Lab CoreFoundation Available for: macOS Big Sur Impact: A malicious application may be able to leak sensitive user information Description: A validation issue was addressed with improved logic. CVE-2021-30659: Thijs Alkemade of Computest CoreGraphics Available for: macOS Big Sur Impact: Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed with improved validation. CVE-2021-1847: Xuwei Liu of Purdue University CoreText Available for: macOS Big Sur Impact: Processing a maliciously crafted font may result in the disclosure of process memory Description: A logic issue was addressed with improved state management. CVE-2021-1811: Xingwei Lin of Ant Security Light-Year Lab curl Available for: macOS Big Sur Impact: An attacker may provide a fraudulent OCSP response that would appear valid Description: This issue was addressed with improved checks. CVE-2020-8286: an anonymous researcher curl Available for: macOS Big Sur Impact: A remote attacker may be able to cause a denial of service Description: A buffer overflow was addressed with improved input validation. CVE-2020-8285: xnynx DiskArbitration Available for: macOS Big Sur Impact: A malicious application may be able to modify protected parts of the file system Description: A permissions issue existed in DiskArbitration. This was addressed with additional ownership checks. CVE-2021-1784: Mikko Kenttälä (@Turmio_) of SensorFu, Csaba Fitzl (@theevilbit) of Offensive Security, and an anonymous researcher FaceTime Available for: macOS Big Sur Impact: Muting a CallKit call while ringing may not result in mute being enabled Description: A logic issue was addressed with improved state management. CVE-2021-1872: Siraj Zaneer of Facebook FontParser Available for: macOS Big Sur Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2021-1881: an anonymous researcher, Xingwei Lin of Ant Security Light-Year Lab, Mickey Jin of Trend Micro, and Hou JingYi (@hjy79425575) of Qihoo 360 Foundation Available for: macOS Big Sur Impact: An application may be able to gain elevated privileges Description: A memory corruption issue was addressed with improved validation. CVE-2021-1882: Gabe Kirkpatrick (@gabe_k) Foundation Available for: macOS Big Sur Impact: A malicious application may be able to gain root privileges Description: A validation issue was addressed with improved logic. CVE-2021-1813: Cees Elzinga Heimdal Available for: macOS Big Sur Impact: Processing maliciously crafted server messages may lead to heap corruption Description: This issue was addressed with improved checks. CVE-2021-1883: Gabe Kirkpatrick (@gabe_k) Heimdal Available for: macOS Big Sur Impact: A remote attacker may be able to cause a denial of service Description: A race condition was addressed with improved locking. CVE-2021-1884: Gabe Kirkpatrick (@gabe_k) ImageIO Available for: macOS Big Sur Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: This issue was addressed with improved checks. CVE-2021-1880: Xingwei Lin of Ant Security Light-Year Lab CVE-2021-30653: Ye Zhang of Baidu Security CVE-2021-1814: Ye Zhang of Baidu Security, Mickey Jin & Qi Sun of Trend Micro, and Xingwei Lin of Ant Security Light-Year Lab CVE-2021-1843: Ye Zhang of Baidu Security ImageIO Available for: macOS Big Sur Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-1885: CFF of Topsec Alpha Team ImageIO Available for: macOS Big Sur Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2021-1858: Mickey Jin of Trend Micro Installer Available for: macOS Big Sur Impact: A malicious application may bypass Gatekeeper checks Description: This issue was addressed with improved handling of file metadata. CVE-2021-30658: Wojciech Reguła (@_r3ggi) of SecuRing Intel Graphics Driver Available for: macOS Big Sur Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2021-1841: Jack Dates of RET2 Systems, Inc. CVE-2021-1834: ABC Research s.r.o. working with Trend Micro Zero Day Initiative Kernel Available for: macOS Big Sur Impact: A malicious application may be able to disclose kernel memory Description: A memory initialization issue was addressed with improved memory handling. CVE-2021-1860: @0xalsr Kernel Available for: macOS Big Sur Impact: A local attacker may be able to elevate their privileges Description: A memory corruption issue was addressed with improved validation. CVE-2021-1840: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab Kernel Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges Description: A logic issue was addressed with improved state management. CVE-2021-1851: @0xalsr Kernel Available for: macOS Big Sur Impact: Copied files may not have the expected file permissions Description: The issue was addressed with improved permissions logic. CVE-2021-1832: an anonymous researcher Kernel Available for: macOS Big Sur Impact: A malicious application may be able to disclose kernel memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-30660: Alex Plaskett libxpc Available for: macOS Big Sur Impact: A malicious application may be able to gain root privileges Description: A race condition was addressed with additional validation. CVE-2021-30652: James Hutchins libxslt Available for: macOS Big Sur Impact: Processing a maliciously crafted file may lead to heap corruption Description: A double free issue was addressed with improved memory management. CVE-2021-1875: Found by OSS-Fuzz Login Window Available for: macOS Big Sur Impact: A malicious application with root privileges may be able to access private information Description: This issue was addressed with improved entitlements. CVE-2021-1859: Syed Ali Shuja (@SyedAliShuja) of Colour King Pvt. Ltd NSRemoteView Available for: macOS Big Sur Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2021-1876: Matthew Denton of Google Chrome Preferences Available for: macOS Big Sur Impact: A local user may be able to modify protected parts of the file system Description: A parsing issue in the handling of directory paths was addressed with improved path validation. CVE-2021-1815: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com) CVE-2021-1739: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com) CVE-2021-1740: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com) Safari Available for: macOS Big Sur Impact: A malicious website may be able to track users by setting state in a cache Description: An issue existed in determining cache occupancy. CVE-2021-1861: Konstantinos Solomos of University of Illinois at Chicago Safari Available for: macOS Big Sur Impact: A malicious website may be able to force unnecessary network connections to fetch its favicon Description: A logic issue was addressed with improved state management. CVE-2021-1868: Tim Michaud of Zoom Communications smbx Available for: macOS Big Sur Impact: An attacker in a privileged network position may be able to leak sensitive user information Description: An integer overflow was addressed with improved input validation. CVE-2021-1878: Aleksandar Nikolic of Cisco Talos (talosintelligence.com) System Preferences Available for: macOS Big Sur Impact: A malicious application may bypass Gatekeeper checks Description: A logic issue was addressed with improved state management. CVE-2021-30657: an anonymous researcher tcpdump Available for: macOS Big Sur Impact: A remote attacker may be able to cause a denial of service Description: This issue was addressed with improved checks. CVE-2020-8037: an anonymous researcher Time Machine Available for: macOS Big Sur Impact: A local attacker may be able to elevate their privileges Description: The issue was addressed with improved permissions logic. CVE-2021-1839: Tim Michaud(@TimGMichaud) of Zoom Video Communications and Gary Nield of ECSC Group plc WebKit Available for: macOS Big Sur Impact: Processing maliciously crafted web content may lead to a cross site scripting attack Description: An input validation issue was addressed with improved input validation. CVE-2021-1825: Alex Camboe of Aon’s Cyber Solutions WebKit Available for: macOS Big Sur Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2021-1817: an anonymous researcher WebKit Available for: macOS Big Sur Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved restrictions. CVE-2021-1826: an anonymous researcher WebKit Available for: macOS Big Sur Impact: Processing maliciously crafted web content may result in the disclosure of process memory Description: A memory initialization issue was addressed with improved memory handling. CVE-2021-1820: an anonymous researcher WebKit Storage Available for: macOS Big Sur Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. CVE-2021-30661: yangkang(@dnpushme) of 360 ATA WebRTC Available for: macOS Big Sur Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory Description: A use after free issue was addressed with improved memory management. CVE-2020-7463: Megan2013678 Wi-Fi Available for: macOS Big Sur Impact: An application may be able to cause unexpected system termination or write kernel memory Description: A memory corruption issue was addressed with improved validation. CVE-2021-1828: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab Wi-Fi Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges Description: A type confusion issue was addressed with improved state handling. CVE-2021-1829: Tielei Wang of Pangu Lab Wi-Fi Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with system privileges Description: The issue was addressed with improved permissions logic. CVE-2021-30655: Gary Nield of ECSC Group plc and Tim Michaud(@TimGMichaud) of Zoom Video Communications and Wojciech Reguła (@_r3ggi) of SecuRing Windows Server Available for: macOS Big Sur Impact: A malicious application may be able to unexpectedly leak a user's credentials from secure text fields Description: An API issue in Accessibility TCC permissions was addressed with improved state management. CVE-2021-1873: an anonymous researcher Installation note: This update may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmCHO0UACgkQZcsbuWJ6 jjA/XA/7BDDpbLo0btLbUrps6ELmcqFZhpvhuekw8Yd3jVeJihLcJGJpY38ZCcne srCJHuXPzlk3ex0bVkKNRrB04xF0vCA4TEBsJ495754PAKWrxmlx0Ce8zg4h+ey/ cMTaUgfB1sgOFO8kJCKJurCjhyQ3Xj5c5xa8/zxlKoAgI36PmhZsCoXC6KD+5mqn QCRF0kE/y0QSfsq13j4grLGMXLS4pkAJRMWvDiEliYDTw3pOul7ZDOwxLEyucVTv fE60H7ff7jfPbDcQ4yEgEbla40+YZYwl9Sv4zxIU2OBPva6HLbA+PXxk4F1QX7eA ECrfycMSIbQKZ2phryENZCcrX5DN4M/VcGIHq4ujF2CXBJymSWV0O5k5K0GzZ0Ko T2Zr2LOOunvHGrYy0okholNYb0iMA09dvwuDdEGr+vhLZhq1BBbmThhNEnArl7mE /fx2bvaS3o8TxGuh7mbeFK9q5Tafxe5Qhwgz9pnAtqBC8z1NgQoetk9pKPNDIsNY t3/7Xcix+fs28YOjmxPTpntud0EGSjxXm4g0bDbsU922iV1Z3ncgOvd//IzPXniS v4IqR/gPbhg+c2CGoaezD91sE5onLuMmFCogkUyftGHnN0EueKMjI+3fmyG4l4d1 0C3to6hKJNmTm56RgxwfVVOeVnsPF490s9LUYzO4ZUbaQHIuDfo= =9+Ju -----END PGP SIGNATURE-----

Trust: 2.43

sources: NVD: CVE-2021-1810 // JVNDB: JVNDB-2021-013560 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-376470 // PACKETSTORM: 162360 // PACKETSTORM: 162358

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	eq	version:	10.15.7	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.15.6	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	lte	version:	10.15.5	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	gte	version:	10.15	Trust: 1.0
vendor:	apple	model:	macos	scope:	gte	version:	11.0	Trust: 1.0
vendor:	apple	model:	macos	scope:	lt	version:	11.3	Trust: 1.0
vendor:	アップル	model:	apple mac os x	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	macos	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-013560 // NVD: CVE-2021-1810

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2021-1810
value:	MEDIUM
Trust: 1.8
CNNVD:	CNNVD-202104-975
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202104-1986
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-376470
value:	MEDIUM
Trust: 0.1

NVD:
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	TRUE
version:	2.0
Trust: 1.0
NVD:	CVE-2021-1810
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-376470
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

NVD:
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	1.8
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2021-1810
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-376470 // JVNDB: JVNDB-2021-013560 // NVD: CVE-2021-1810 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202104-1986

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-013560 // NVD: CVE-2021-1810

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202104-1986

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

CONFIGURATIONS

sources: NVD: CVE-2021-1810

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-376470

PATCH

title:	HT212325 Apple Security update	url:	https://support.apple.com/en-us/ht212325	Trust: 0.8
title:	Apple macOS Fixes for permissions and access control issues vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=148663	Trust: 0.6
title:	Apple: macOS Big Sur 11.3	url:	https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=c631c09ebe15d0799205eda727cdfeb3	Trust: 0.1

sources: VULMON: CVE-2021-1810 // JVNDB: JVNDB-2021-013560 // CNNVD: CNNVD-202104-1986

EXTERNAL IDS

db:	NVD	id:	CVE-2021-1810	Trust: 3.6
db:	PACKETSTORM	id:	164375	Trust: 2.5
db:	PACKETSTORM	id:	162358	Trust: 0.8
db:	JVNDB	id:	JVNDB-2021-013560	Trust: 0.8
db:	CS-HELP	id:	SB2021041363	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-975	Trust: 0.6
db:	CXSECURITY	id:	WLB-2021100032	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1409.2	Trust: 0.6
db:	CS-HELP	id:	SB2021042704	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-1986	Trust: 0.6
db:	PACKETSTORM	id:	162360	Trust: 0.2
db:	VULHUB	id:	VHN-376470	Trust: 0.1
db:	VULMON	id:	CVE-2021-1810	Trust: 0.1

sources: VULHUB: VHN-376470 // VULMON: CVE-2021-1810 // JVNDB: JVNDB-2021-013560 // PACKETSTORM: 162360 // PACKETSTORM: 162358 // NVD: CVE-2021-1810 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202104-1986

REFERENCES

url:	http://packetstormsecurity.com/files/164375/gatekeeper-bypass-proof-of-concept.html	Trust: 3.1
url:	https://support.apple.com/en-us/ht212325	Trust: 1.7
url:	https://support.apple.com/en-us/ht212326	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1810	Trust: 1.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021041363	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1409.2	Trust: 0.6
url:	https://cxsecurity.com/issue/wlb-2021100032	Trust: 0.6
url:	https://vigilance.fr/vulnerability/apple-macos-multiple-vulnerabilities-35171	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021042704	Trust: 0.6
url:	https://packetstormsecurity.com/files/162358/apple-security-advisory-2021-04-26-2.html	Trust: 0.6
url:	https://support.apple.com/kb/ht201222	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1813	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1840	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1739	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1828	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1809	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-8037	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1784	Trust: 0.2
url:	https://support.apple.com/downloads/	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1843	Trust: 0.2
url:	https://www.apple.com/support/security/pgp/	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1811	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1839	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1824	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-8285	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1834	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-8286	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1740	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1808	Trust: 0.2
url:	https://support.apple.com/kb/ht212325	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1860	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1857	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1876	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1851	Trust: 0.1
url:	https://support.apple.com/ht212326.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1875	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1847	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-27942	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3838	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1797	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1873	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1868	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1814	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1820	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1815	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1817	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-7463	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1846	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1841	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1825	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1826	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1832	Trust: 0.1
url:	https://support.apple.com/ht212325.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1829	Trust: 0.1

CREDITS

Apple

Trust: 0.8

sources: PACKETSTORM: 162360 // PACKETSTORM: 162358 // CNNVD: CNNVD-202104-1986

SOURCES

db:	VULHUB	id:	VHN-376470
db:	VULMON	id:	CVE-2021-1810
db:	JVNDB	id:	JVNDB-2021-013560
db:	PACKETSTORM	id:	162360
db:	PACKETSTORM	id:	162358
db:	NVD	id:	CVE-2021-1810
db:	CNNVD	id:	CNNVD-202104-975
db:	CNNVD	id:	CNNVD-202104-1986

LAST UPDATE DATE

2023-12-18T11:00:50.224000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-376470	date:	2021-10-07T00:00:00
db:	JVNDB	id:	JVNDB-2021-013560	date:	2022-09-15T09:09:00
db:	NVD	id:	CVE-2021-1810	date:	2021-10-07T17:55:15.173
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-14T00:00:00
db:	CNNVD	id:	CNNVD-202104-1986	date:	2021-10-08T00:00:00

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-376470	date:	2021-09-08T00:00:00
db:	JVNDB	id:	JVNDB-2021-013560	date:	2022-09-15T00:00:00
db:	PACKETSTORM	id:	162360	date:	2021-04-28T14:58:36
db:	PACKETSTORM	id:	162358	date:	2021-04-28T14:55:56
db:	NVD	id:	CVE-2021-1810	date:	2021-09-08T15:15:09.563
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-13T00:00:00
db:	CNNVD	id:	CNNVD-202104-1986	date:	2021-04-27T00:00:00