返回 CVE 浏览器

CVE-2021-30952

Known Exploited (CISA KEV)HIGH

7.8

CVSS Severity Score

EPSS Score66.8930%

EPSS Percentile94.57th

Published2021年8月24日

Last Modified2026年3月6日

Vulnerability Description

An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

Affected Platforms (CPE)

📦

Apple

Safari

< 15.2

💻

Apple

Ipados

< 15.2

💻

Apple

Iphone Os

< 15.2

💻

Apple

Macos

>= 12.0 and < 12.1

💻

Apple

Tvos

< 15.2

💻

Apple

Watchos

< 8.3

💻

Fedoraproject

Fedora

= 34

💻

Fedoraproject

Fedora

= 35

💻

Debian

Debian Linux

= 10.0

💻

Debian

Debian Linux

= 11.0

📦

Webkitgtk

Webkitgtk

< 2.34.4

📦

Wpewebkit

Wpe Webkit

< 2.34.4

References & Advisories

🔗 http://www.openwall.com/lists/oss-security/2022/01/21/2

🔗 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EQVZ3CEMTINLBZ7PBC7WRXVEVCRHNSM/

🔗 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQKWD4BXRDD2YGR5AVU7H5J5PIQIEU6V/

🔗 https://support.apple.com/en-us/HT212975

🔗 https://support.apple.com/en-us/HT212976

🔗 https://support.apple.com/en-us/HT212978

🔗 https://support.apple.com/en-us/HT212980

🔗 https://support.apple.com/en-us/HT212982

相关漏洞威胁

CVE-2004-053910.0

The "Show in Finder" button in the Safari web browser in Mac OS X 10.3.4 and 10.2.8 may execute downloaded applications, which cou...

CVE-2007-284310.0

Cross-domain vulnerability in Apple Safari 2.0.4 allows remote attackers to access restricted information from other domains via J...

CVE-2004-009210.0

Unknown vulnerability in Safari web browser in Mac OS X 10.2.8 and 10.3.2, with unknown impact.

CVE-2008-230310.0

Integer signedness error in Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to execute arbitra...