CyberSec.Space Logo
Back to CVE Browser

CVE-2021-30663

Known Exploited (CISA KEV)HIGH
8.8
CVSS Severity Score
EPSS Score33.4110%
EPSS Percentile85.24th
PublishedSep 8, 2021
Last ModifiedOct 23, 2025

Vulnerability Description

An integer overflow was addressed with improved input validation. This issue is fixed in iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution.

Affected Platforms (CPE)

πŸ“¦
Apple

Safari

< 14.1.1
πŸ’»
Apple

Ipados

>= 14.0 and < 14.5.1
πŸ’»
Apple

Iphone Os

< 12.5.3
πŸ’»
Apple

Iphone Os

>= 14.0 and < 14.5.1
πŸ’»
Apple

Macos

>= 11.0 and < 11.3.1
πŸ’»
Apple

Tvos

< 14.6

References & Advisories

πŸ”— https://support.apple.com/en-us/HT212335
πŸ”— https://support.apple.com/en-us/HT212336
πŸ”— https://support.apple.com/en-us/HT212341
πŸ”— https://support.apple.com/en-us/HT212532
πŸ”— https://support.apple.com/en-us/HT212534
πŸ”— https://support.apple.com/en-us/HT212335
πŸ”— https://support.apple.com/en-us/HT212336
πŸ”— https://support.apple.com/en-us/HT212341

Related Vulnerabilities

CVE-2004-053910.0

The "Show in Finder" button in the Safari web browser in Mac OS X 10.3.4 and 10.2.8 may execute downloaded applications, which cou...

CVE-2007-284310.0

Cross-domain vulnerability in Apple Safari 2.0.4 allows remote attackers to access restricted information from other domains via J...

CVE-2004-009210.0

Unknown vulnerability in Safari web browser in Mac OS X 10.2.8 and 10.3.2, with unknown impact.

CVE-2008-230310.0

Integer signedness error in Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to execute arbitra...