Details of VAR-202109-1311

ID

VAR-202109-1311

CVE

CVE-2021-30661

TITLE

plural Apple Product Use of Freed Memory Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2021-013603

DESCRIPTION

A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. plural Apple The product contains a usage of freed memory vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. A resource management error vulnerability exists in WebKitGTK+ due to an after-the-fact usage error when handling web content in the WebKit Storage component. The following products and versions are affected: WebKitGTK+: 2.30.0, 2.30.1, 2.30.2, 2.30.3, 2.30.4, 2.30.5, 2.30.6, 2.31.1, 2.31.90, 2.31.91, 2.32 .0. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-05-03-2 iOS 12.5.3 iOS 12.5.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT212341. WebKit Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2021-30666: yangkang (@dnpushme)&zerokeeper&bianliang of 360 ATA WebKit Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2021-30665: yangkang (@dnpushme)&zerokeeper&bianliang of 360 ATA WebKit Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: An integer overflow was addressed with improved input validation. CVE-2021-30663: an anonymous researcher WebKit Storage Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2021-30661: yangkang (@dnpushme)&zerokeeper&bianliang of 360 ATA Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About * The version after applying this update will be "12.5.3" Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmCQZx4ACgkQZcsbuWJ6 jjCiGRAAi5J2AQryw94HIbUPGtr2/fYqwz+Gh1SRD+D0Z60jCj69PsS2p9J2l2Gv xvJV0uOOnMYI84by+IGwYWn9PhV6kDEi5vKKXtxnCBpudeZlIjrSrPM57Xj8Q5hd oTPriiaGElq5gACWO5hn+ngsQAWeyX9zoKZnakAQtfl60Jf1EUpNjWWw1KEx/QXh DDwacgq3um1nw9V1lZFtyvJnUdWd/ONwTuEjXoMLD9oNuCDFWBB68Fr8pCvgT1i7 xCayB/staEKT9tQJor3pLyLY+aCm9evTONcle8vc1jKNAI6Te6g+4SIBSUUlGI8X LKMesySh7+mKhaGQOhVhRIBl01hmm9hFDf1pNhkBttTEsueoRqjhW9//kw5VUQPc oqwH5BtQz4lQy9hz/l4whW/aKTSwYGGW6pf/HqoMFNIm7an7EUUWulCtsTsE6E1C IxClVzudpDVo7VnjVVbgAXzDFgaroAhSF4f+ABD7Fnwuf7GToq01nRnr/9asnhkQ thU/wamscRCbsBj4kO+wl+609jAQvos+GG5KWyn3DU6/WK/LLAWLJZd30/CxAChI W6xt8tmWls9WaAPlCrsrZcOAN3uF1kpMPORrl6pDbLjBopE5zlGFYRUuV95tqcdn 4T4xnax14QhesA5RrhZVcEpZODElmGnGThw65o2dZAoNGi5zKD0=M5se -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202202-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: WebkitGTK+: Multiple vulnerabilities Date: February 01, 2022 Bugs: #779175, #801400, #813489, #819522, #820434, #829723, #831739 ID: 202202-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been found in WebkitGTK+, the worst of which could result in the arbitrary execution of code. Background ========= WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/webkit-gtk < 2.34.4 >= 2.34.4 Description ========== Multiple vulnerabilities have been discovered in WebkitGTK+. Please review the CVE identifiers referenced below for details. Impact ===== An attacker, by enticing a user to visit maliciously crafted web content, may be able to execute arbitrary code, violate iframe sandboxing policy, access restricted ports on arbitrary servers, cause memory corruption, or could cause a Denial of Service condition. Workaround ========= There is no known workaround at this time. Resolution ========= All WebkitGTK+ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.34.4" References ========= [ 1 ] CVE-2021-30848 https://nvd.nist.gov/vuln/detail/CVE-2021-30848 [ 2 ] CVE-2021-30888 https://nvd.nist.gov/vuln/detail/CVE-2021-30888 [ 3 ] CVE-2021-30682 https://nvd.nist.gov/vuln/detail/CVE-2021-30682 [ 4 ] CVE-2021-30889 https://nvd.nist.gov/vuln/detail/CVE-2021-30889 [ 5 ] CVE-2021-30666 https://nvd.nist.gov/vuln/detail/CVE-2021-30666 [ 6 ] CVE-2021-30665 https://nvd.nist.gov/vuln/detail/CVE-2021-30665 [ 7 ] CVE-2021-30890 https://nvd.nist.gov/vuln/detail/CVE-2021-30890 [ 8 ] CVE-2021-30661 https://nvd.nist.gov/vuln/detail/CVE-2021-30661 [ 9 ] WSA-2021-0005 https://webkitgtk.org/security/WSA-2021-0005.html [ 10 ] CVE-2021-30761 https://nvd.nist.gov/vuln/detail/CVE-2021-30761 [ 11 ] CVE-2021-30897 https://nvd.nist.gov/vuln/detail/CVE-2021-30897 [ 12 ] CVE-2021-30823 https://nvd.nist.gov/vuln/detail/CVE-2021-30823 [ 13 ] CVE-2021-30734 https://nvd.nist.gov/vuln/detail/CVE-2021-30734 [ 14 ] CVE-2021-30934 https://nvd.nist.gov/vuln/detail/CVE-2021-30934 [ 15 ] CVE-2021-1871 https://nvd.nist.gov/vuln/detail/CVE-2021-1871 [ 16 ] CVE-2021-30762 https://nvd.nist.gov/vuln/detail/CVE-2021-30762 [ 17 ] WSA-2021-0006 https://webkitgtk.org/security/WSA-2021-0006.html [ 18 ] CVE-2021-30797 https://nvd.nist.gov/vuln/detail/CVE-2021-30797 [ 19 ] CVE-2021-30936 https://nvd.nist.gov/vuln/detail/CVE-2021-30936 [ 20 ] CVE-2021-30663 https://nvd.nist.gov/vuln/detail/CVE-2021-30663 [ 21 ] CVE-2021-1825 https://nvd.nist.gov/vuln/detail/CVE-2021-1825 [ 22 ] CVE-2021-30951 https://nvd.nist.gov/vuln/detail/CVE-2021-30951 [ 23 ] CVE-2021-30952 https://nvd.nist.gov/vuln/detail/CVE-2021-30952 [ 24 ] CVE-2021-1788 https://nvd.nist.gov/vuln/detail/CVE-2021-1788 [ 25 ] CVE-2021-1820 https://nvd.nist.gov/vuln/detail/CVE-2021-1820 [ 26 ] CVE-2021-30953 https://nvd.nist.gov/vuln/detail/CVE-2021-30953 [ 27 ] CVE-2021-30749 https://nvd.nist.gov/vuln/detail/CVE-2021-30749 [ 28 ] CVE-2021-30849 https://nvd.nist.gov/vuln/detail/CVE-2021-30849 [ 29 ] CVE-2021-1826 https://nvd.nist.gov/vuln/detail/CVE-2021-1826 [ 30 ] CVE-2021-30836 https://nvd.nist.gov/vuln/detail/CVE-2021-30836 [ 31 ] CVE-2021-30954 https://nvd.nist.gov/vuln/detail/CVE-2021-30954 [ 32 ] CVE-2021-30984 https://nvd.nist.gov/vuln/detail/CVE-2021-30984 [ 33 ] CVE-2021-30851 https://nvd.nist.gov/vuln/detail/CVE-2021-30851 [ 34 ] CVE-2021-30758 https://nvd.nist.gov/vuln/detail/CVE-2021-30758 [ 35 ] CVE-2021-42762 https://nvd.nist.gov/vuln/detail/CVE-2021-42762 [ 36 ] CVE-2021-1844 https://nvd.nist.gov/vuln/detail/CVE-2021-1844 [ 37 ] CVE-2021-30689 https://nvd.nist.gov/vuln/detail/CVE-2021-30689 [ 38 ] CVE-2021-45482 https://nvd.nist.gov/vuln/detail/CVE-2021-45482 [ 39 ] CVE-2021-30858 https://nvd.nist.gov/vuln/detail/CVE-2021-30858 [ 40 ] CVE-2021-21779 https://nvd.nist.gov/vuln/detail/CVE-2021-21779 [ 41 ] WSA-2021-0004 https://webkitgtk.org/security/WSA-2021-0004.html [ 42 ] CVE-2021-30846 https://nvd.nist.gov/vuln/detail/CVE-2021-30846 [ 43 ] CVE-2021-30744 https://nvd.nist.gov/vuln/detail/CVE-2021-30744 [ 44 ] CVE-2021-30809 https://nvd.nist.gov/vuln/detail/CVE-2021-30809 [ 45 ] CVE-2021-30884 https://nvd.nist.gov/vuln/detail/CVE-2021-30884 [ 46 ] CVE-2021-30720 https://nvd.nist.gov/vuln/detail/CVE-2021-30720 [ 47 ] CVE-2021-30799 https://nvd.nist.gov/vuln/detail/CVE-2021-30799 [ 48 ] CVE-2021-30795 https://nvd.nist.gov/vuln/detail/CVE-2021-30795 [ 49 ] CVE-2021-1817 https://nvd.nist.gov/vuln/detail/CVE-2021-1817 [ 50 ] CVE-2021-21775 https://nvd.nist.gov/vuln/detail/CVE-2021-21775 [ 51 ] CVE-2021-30887 https://nvd.nist.gov/vuln/detail/CVE-2021-30887 [ 52 ] CVE-2021-21806 https://nvd.nist.gov/vuln/detail/CVE-2021-21806 [ 53 ] CVE-2021-30818 https://nvd.nist.gov/vuln/detail/CVE-2021-30818 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202202-01 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5

Trust: 2.43

sources: NVD: CVE-2021-30661 // JVNDB: JVNDB-2021-013603 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-390394 // PACKETSTORM: 162447 // PACKETSTORM: 165794

AFFECTED PRODUCTS

vendor:	apple	model:	iphone os	scope:	lt	version:	12.5.3	Trust: 1.0
vendor:	apple	model:	safari	scope:	lt	version:	14.1	Trust: 1.0
vendor:	apple	model:	tvos	scope:	lt	version:	14.5	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lt	version:	14.5	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	gte	version:	14.0	Trust: 1.0
vendor:	apple	model:	watchos	scope:	lt	version:	7.4	Trust: 1.0
vendor:	apple	model:	ipados	scope:	lt	version:	14.5	Trust: 1.0
vendor:	apple	model:	macos	scope:	gte	version:	11.0	Trust: 1.0
vendor:	apple	model:	macos	scope:	lt	version:	11.3	Trust: 1.0
vendor:	アップル	model:	safari	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	watchos	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	macos	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	ipados	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	ios	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	tvos	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-013603 // NVD: CVE-2021-30661

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2021-30661
value:	HIGH
Trust: 1.8
CNNVD:	CNNVD-202104-975
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202104-1942
value:	HIGH
Trust: 0.6
VULHUB:	VHN-390394
value:	MEDIUM
Trust: 0.1

NVD:
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	TRUE
version:	2.0
Trust: 1.0
NVD:	CVE-2021-30661
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-390394
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

NVD:
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2021-30661
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-390394 // JVNDB: JVNDB-2021-013603 // NVD: CVE-2021-30661 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202104-1942

PROBLEMTYPE DATA

problemtype:	CWE-416	Trust: 1.1
problemtype:	Use of freed memory (CWE-416) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-390394 // JVNDB: JVNDB-2021-013603 // NVD: CVE-2021-30661

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202104-1942

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

CONFIGURATIONS

sources: NVD: CVE-2021-30661

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-390394

PATCH

title:	HT212325 Apple Security update	url:	https://support.apple.com/en-us/ht212317	Trust: 0.8
title:	Apple WebKitGTK+ Remediation of resource management error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=148619	Trust: 0.6
title:	Apple: macOS Big Sur 11.3	url:	https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=c631c09ebe15d0799205eda727cdfeb3	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/apple-zero%e2%80%91days-active-attack/165842/	Trust: 0.1
title:	-	url:	https://www.welivesecurity.com/2021/04/27/apple-patches-severe-macos-security-flaw/	Trust: 0.1
title:	-	url:	https://www.theregister.co.uk/2021/05/04/in_brief_security/	Trust: 0.1

sources: VULMON: CVE-2021-30661 // JVNDB: JVNDB-2021-013603 // CNNVD: CNNVD-202104-1942

EXTERNAL IDS

db:	NVD	id:	CVE-2021-30661	Trust: 3.6
db:	PACKETSTORM	id:	165794	Trust: 0.8
db:	PACKETSTORM	id:	162447	Trust: 0.8
db:	JVNDB	id:	JVNDB-2021-013603	Trust: 0.8
db:	CS-HELP	id:	SB2021041363	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-975	Trust: 0.6
db:	CS-HELP	id:	SB2021050313	Trust: 0.6
db:	CS-HELP	id:	SB2021042801	Trust: 0.6
db:	CS-HELP	id:	SB2021092220	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1499	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1408.2	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.0382	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-1942	Trust: 0.6
db:	VULHUB	id:	VHN-390394	Trust: 0.1
db:	VULMON	id:	CVE-2021-30661	Trust: 0.1

sources: VULHUB: VHN-390394 // VULMON: CVE-2021-30661 // JVNDB: JVNDB-2021-013603 // PACKETSTORM: 162447 // PACKETSTORM: 165794 // NVD: CVE-2021-30661 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202104-1942

REFERENCES

url:	https://support.apple.com/en-us/ht212317	Trust: 1.7
url:	https://support.apple.com/en-us/ht212318	Trust: 1.7
url:	https://support.apple.com/en-us/ht212323	Trust: 1.7
url:	https://support.apple.com/en-us/ht212324	Trust: 1.7
url:	https://support.apple.com/en-us/ht212325	Trust: 1.7
url:	https://support.apple.com/en-us/ht212341	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30661	Trust: 1.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021041363	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021050313	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.0382	Trust: 0.6
url:	https://packetstormsecurity.com/files/162447/apple-security-advisory-2021-05-03-2.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021092220	Trust: 0.6
url:	https://vigilance.fr/vulnerability/apple-macos-multiple-vulnerabilities-35171	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021042801	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2021-30661	Trust: 0.6
url:	https://vigilance.fr/vulnerability/webkitgtk-multiple-vulnerabilities-36009	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1408.2	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1499	Trust: 0.6
url:	https://vigilance.fr/vulnerability/apple-ios-four-vulnerabilities-via-webkit-35222	Trust: 0.6
url:	https://packetstormsecurity.com/files/165794/gentoo-linux-security-advisory-202202-01.html	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30663	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30665	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30666	Trust: 0.2
url:	http://seclists.org/fulldisclosure/2021/may/3	Trust: 0.1
url:	https://threatpost.com/apple-zero%e2%80%91days-active-attack/165842/	Trust: 0.1
url:	https://support.apple.com/kb/ht212325	Trust: 0.1
url:	https://www.apple.com/itunes/	Trust: 0.1
url:	https://support.apple.com/kb/ht201222	Trust: 0.1
url:	https://www.apple.com/support/security/pgp/	Trust: 0.1
url:	https://support.apple.com/ht212341.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1844	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30984	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30744	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30849	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30953	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1820	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30851	Trust: 0.1
url:	https://security.gentoo.org/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30952	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30887	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30762	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30846	Trust: 0.1
url:	https://webkitgtk.org/security/wsa-2021-0005.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30884	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30858	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30682	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30897	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30936	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30954	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30890	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1817	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-42762	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30758	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30799	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30818	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-21779	Trust: 0.1
url:	https://security.gentoo.org/glsa/202202-01	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-45482	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1871	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30809	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30795	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1825	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30734	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30797	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-21775	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1826	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30749	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30689	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30951	Trust: 0.1
url:	https://webkitgtk.org/security/wsa-2021-0004.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30889	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30823	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30761	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30888	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30934	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30720	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30848	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1788	Trust: 0.1
url:	https://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://webkitgtk.org/security/wsa-2021-0006.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-21806	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-30836	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1

CREDITS

Apple

Trust: 0.7

sources: PACKETSTORM: 162447 // CNNVD: CNNVD-202104-1942

SOURCES

db:	VULHUB	id:	VHN-390394
db:	VULMON	id:	CVE-2021-30661
db:	JVNDB	id:	JVNDB-2021-013603
db:	PACKETSTORM	id:	162447
db:	PACKETSTORM	id:	165794
db:	NVD	id:	CVE-2021-30661
db:	CNNVD	id:	CNNVD-202104-975
db:	CNNVD	id:	CNNVD-202104-1942

LAST UPDATE DATE

2023-12-18T11:19:18.682000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-390394	date:	2021-09-20T00:00:00
db:	JVNDB	id:	JVNDB-2021-013603	date:	2022-09-16T08:05:00
db:	NVD	id:	CVE-2021-30661	date:	2021-09-20T12:26:22.673
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-14T00:00:00
db:	CNNVD	id:	CNNVD-202104-1942	date:	2022-02-07T00:00:00

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-390394	date:	2021-09-08T00:00:00
db:	JVNDB	id:	JVNDB-2021-013603	date:	2022-09-16T00:00:00
db:	PACKETSTORM	id:	162447	date:	2021-05-04T16:23:31
db:	PACKETSTORM	id:	165794	date:	2022-02-01T17:03:05
db:	NVD	id:	CVE-2021-30661	date:	2021-09-08T15:15:13.320
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-13T00:00:00
db:	CNNVD	id:	CNNVD-202104-1942	date:	2021-04-27T00:00:00