Sign-up

ID

VAR-202104-0614


CVE

CVE-2021-1791


TITLE

Apple iOS FairplayIOKit Out-Of-Bounds Read Information Disclosure Vulnerability

Trust: 0.7

sources: ZDI: ZDI-21-251

DESCRIPTION

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A malicious application may be able to disclose kernel memory. This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple iOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the FairplayIOKit kext. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. Apple FairPlay is a core component of Apple in the United States for providing media playback functions for devices. A resource management error vulnerability exists in Apple FairPlay due to a boundary condition within the FairPlay component in macOS. Vulnerabilities exist in the following product or version: macOS Big Sur 11.0.1. The specific flaw exists within the FairplayIOKit kext. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-02-01-3 Additional information for APPLE-SA-2021-01-26-2 tvOS 14.4 tvOS 14.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT212149. Analytics Available for: Apple TV 4K and Apple TV HD Impact: A remote attacker may be able to cause a denial of service Description: This issue was addressed with improved checks. CVE-2021-1761: Cees Elzinga Entry added February 1, 2021 APFS Available for: Apple TV 4K and Apple TV HD Impact: A local user may be able to read arbitrary files Description: The issue was addressed with improved permissions logic. CVE-2021-1797: Thomas Tempelmann Entry added February 1, 2021 CoreAnimation Available for: Apple TV 4K and Apple TV HD Impact: A malicious application could execute arbitrary code leading to compromise of user information Description: A memory corruption issue was addressed with improved state management. CVE-2021-1760: @S0rryMybad of 360 Vulcan Team Entry added February 1, 2021 CoreAudio Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2021-1747: JunDong Xie of Ant Security Light-Year Lab Entry added February 1, 2021 CoreGraphics Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2021-1776: Ivan Fratric of Google Project Zero Entry added February 1, 2021 CoreMedia Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2021-1759: Hou JingYi (@hjy79425575) of Qihoo 360 CERT Entry added February 1, 2021 CoreText Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted text file may lead to arbitrary code execution Description: A stack overflow was addressed with improved input validation. CVE-2021-1772: Mickey Jin of Trend Micro Entry added February 1, 2021 CoreText Available for: Apple TV 4K and Apple TV HD Impact: A remote attacker may be able to cause arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-1792: Mickey Jin & Junzhi Lu of Trend Micro Entry added February 1, 2021 Crash Reporter Available for: Apple TV 4K and Apple TV HD Impact: A local user may be able to create or modify system files Description: A logic issue was addressed with improved state management. CVE-2021-1786: Csaba Fitzl (@theevilbit) of Offensive Security Entry added February 1, 2021 Crash Reporter Available for: Apple TV 4K and Apple TV HD Impact: A local attacker may be able to elevate their privileges Description: Multiple issues were addressed with improved logic. CVE-2021-1791: Junzhi Lu (@pwn0rz), Qi Sun & Mickey Jin of Trend Micro Entry added February 1, 2021 FontParser Available for: Apple TV 4K and Apple TV HD Impact: A remote attacker may be able to cause arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-1758: Peter Nguyen of STAR Labs Entry added February 1, 2021 ImageIO Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted image may lead to a denial of service Description: This issue was addressed with improved checks. CVE-2021-1766: Danny Rosseau of Carve Systems Entry added February 1, 2021 ImageIO Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2021-1785: Xingwei Lin of Ant Security Light-Year Lab Entry added February 1, 2021 ImageIO Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2021-1744: Xingwei Lin of Ant Security Light-Year Lab Entry added February 1, 2021 ImageIO Available for: Apple TV 4K and Apple TV HD Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A logic issue was addressed with improved state management. CVE-2021-1818: Xingwei Lin from Ant-financial Light-Year Security Lab Entry added February 1, 2021 ImageIO Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: This issue was addressed with improved checks. CVE-2021-1746: Xingwei Lin of Ant Security Light-Year Lab, and Mickey Jin & Qi Sun of Trend Micro CVE-2021-1793: Xingwei Lin of Ant Security Light-Year Lab Entry added February 1, 2021 ImageIO Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted image may lead to a denial of service Description: A logic issue was addressed with improved state management. CVE-2021-1773: Xingwei Lin of Ant Security Light-Year Lab Entry added February 1, 2021 ImageIO Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-1741: Xingwei Lin of Ant Security Light-Year Lab CVE-2021-1743: Xingwei Lin of Ant Security Light-Year Lab, and Mickey Jin & Junzhi Lu of Trend Micro Entry added February 1, 2021 ImageIO Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted image may lead to a denial of service Description: An out-of-bounds read issue existed in the curl. CVE-2021-1778: Xingwei Lin of Ant Security Light-Year Lab Entry added February 1, 2021 ImageIO Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An access issue was addressed with improved memory management. CVE-2021-1783: Xingwei Lin of Ant Security Light-Year Lab Entry added February 1, 2021 IOSkywalkFamily Available for: Apple TV 4K and Apple TV HD Impact: A local attacker may be able to elevate their privileges Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-1757: Proteas and Pan ZhenPeng (@Peterpan0927) of Alibaba Security Entry added February 1, 2021 iTunes Store Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted URL may lead to arbitrary javascript code execution Description: A validation issue was addressed with improved input sanitization. CVE-2021-1748: CodeColorist of Ant-Financial Light-Year Labs Entry added February 1, 2021 Kernel Available for: Apple TV 4K and Apple TV HD Impact: A remote attacker may be able to cause a denial of service Description: A use after free issue was addressed with improved memory management. CVE-2021-1764: Maxime Villard (m00nbsd) Entry added February 1, 2021 Kernel Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel privileges Description: Multiple issues were addressed with improved logic. CVE-2021-1750: @0xalsr Entry added February 1, 2021 Kernel Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited. CVE-2021-1782: an anonymous researcher Swift Available for: Apple TV 4K and Apple TV HD Impact: A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication Description: A logic issue was addressed with improved validation. CVE-2021-1769: CodeColorist of Ant-Financial Light-Year Labs Entry added February 1, 2021 WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2021-1788: Francisco Alonso (@revskills) Entry added February 1, 2021 WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved state handling. CVE-2021-1789: @S0rryMybad of 360 Vulcan Team Entry added February 1, 2021 WebKit Available for: Apple TV 4K and Apple TV HD Impact: Maliciously crafted web content may violate iframe sandboxing policy Description: This issue was addressed with improved iframe sandbox enforcement. CVE-2021-1801: Eliya Stein of Confiant Entry added February 1, 2021 WebRTC Available for: Apple TV 4K and Apple TV HD Impact: A malicious website may be able to access restricted ports on arbitrary servers Description: A port redirection issue was addressed with additional port validation. CVE-2021-1799: Gregory Vishnepolsky & Ben Seri of Armis Security, and Samy Kamkar Entry added February 1, 2021 Additional recognition iTunes Store We would like to acknowledge CodeColorist of Ant-Financial Light-Year Labs for their assistance. Entry added February 1, 2021 Kernel We would like to acknowledge Junzhi Lu (@pwn0rz), Mickey Jin & Jesse Change of Trend Micro for their assistance. Entry added February 1, 2021 libpthread We would like to acknowledge CodeColorist of Ant-Financial Light-Year Labs for their assistance. Entry added February 1, 2021 Store Demo We would like to acknowledge @08Tc3wBB for their assistance. Entry added February 1, 2021 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmAYgtcACgkQZcsbuWJ6 jjC2WQ//bJVyj/RBYwoj3boUw/SH7hZ+n6Ho3KPRZQE2XWZ0KSODHSoXOgaf5xX7 xWAf5vbOGdEueWj476hmlZZPediB7SJK6xEkvg3SKzZrc5+MlgRUjnrNd/qygi75 tPXjpkyIAHBY5Ik+uoSyxkLkCn3i50KFwtJCmyibl3ayb1XA2/jUA4FtQkhz3HrM ZhMkBPOSObKkGiyj90eBNmeJRSwrxvBQPcp/EwqHbND+Y8UYAQ9ZDbHXWBVuDeRV R1No2qLit0TCs6MZnVP2CKNprXMy/bHLlNeVYGGIu1W+qQ3I30XvlY69VcH6JdVF xz6JIiXAJoOYDUFzesY2b8kMe7jiZnnDK+gWHeodV4oirsImITTlGY4gdiGb30Ag 2XDFpGedK0g+fD+SKI0lCOColTi6IEtTRm4/0ClI0HMc0akJn3qZXOz+iXzTZCa3 tssd6H2lZAW98GmsnMazUdEyGR+9I9RSvaJkLNOBxgDG+NURoTJ6vxHH2B3DYb/+ i+blVGMt7EBIZNwloOR8Fc+Ho5YTCFIwSxeqUzS9Vw53Bx7qA0AVd6CPPJSctWZ0 WKg1N3iW+dBWLWr43idEUNgUADL8Ya35Q6EwW+FxMHLwS11d7xA24AT14vJyi+4w ftTKFGZsNaUGMo2dCZNUnyC23xv3R8GYso0jc3DL4e1pAmeW2Rk=0JBx -----END PGP SIGNATURE-----

Trust: 1.89

sources: NVD: CVE-2021-1791 // ZDI: ZDI-21-251 // VULHUB: VHN-376451 // VULMON: CVE-2021-1791 // PACKETSTORM: 161248 // PACKETSTORM: 161247

AFFECTED PRODUCTS

vendor:applemodel:ipadosscope:ltversion:14.4

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:14.4

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.14.6

Trust: 1.0

vendor:applemodel:mac os xscope:ltversion:10.14.6

Trust: 1.0

vendor:applemodel:mac os xscope:gteversion:10.14

Trust: 1.0

vendor:applemodel:mac os xscope:gteversion:10.15

Trust: 1.0

vendor:applemodel:watchosscope:ltversion:7.3

Trust: 1.0

vendor:applemodel:macosscope:ltversion:11.2

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.15.7

Trust: 1.0

vendor:applemodel:macosscope:gteversion:11.0

Trust: 1.0

vendor:applemodel:mac os xscope:ltversion:10.15.7

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:14.4

Trust: 1.0

vendor:applemodel:iosscope: - version: -

Trust: 0.7

sources: ZDI: ZDI-21-251 // NVD: CVE-2021-1791

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-1791
value: MEDIUM

Trust: 1.0

ZDI: CVE-2021-1791
value: MEDIUM

Trust: 0.7

CNNVD: CNNVD-202102-077
value: MEDIUM

Trust: 0.6

VULHUB: VHN-376451
value: HIGH

Trust: 0.1

VULMON: CVE-2021-1791
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2021-1791
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:C/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

VULHUB: VHN-376451
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:C/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-1791
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

ZDI: CVE-2021-1791
baseSeverity: MEDIUM
baseScore: 5.6
vectorString: AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.1
impactScore: 4.0
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-21-251 // VULHUB: VHN-376451 // VULMON: CVE-2021-1791 // CNNVD: CNNVD-202102-077 // NVD: CVE-2021-1791

PROBLEMTYPE DATA

problemtype:CWE-125

Trust: 1.1

sources: VULHUB: VHN-376451 // NVD: CVE-2021-1791

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202102-077

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202102-077

EXPLOIT AVAILABILITY

sources:
            
            
            VULHUB: VHN-376451

PATCH
title:Apple has issued an update to correct this vulnerability.url:https://support.apple.com/en-us/HT212146
Trust: 0.7
title:Apple FairPlay Remediation of resource management error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=140650
Trust: 0.6
title:fairplay_researchurl:https://github.com/Meituan-Dianping/fairplay_research 
Trust: 0.1
sources:
            
            
            ZDI: ZDI-21-251 // 
            
            
            
            VULMON: CVE-2021-1791 // 
            
            
            
            CNNVD: CNNVD-202102-077

EXTERNAL IDS
db:NVDid:CVE-2021-1791
Trust: 2.7
db:ZDIid:ZDI-21-251
Trust: 0.8
db:PACKETSTORMid:161247
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-12053
Trust: 0.7
db:AUSCERTid:ESB-2021.0354
Trust: 0.6
db:CNNVDid:CNNVD-202102-077
Trust: 0.6
db:PACKETSTORMid:161248
Trust: 0.2
db:VULHUBid:VHN-376451
Trust: 0.1
db:VULMONid:CVE-2021-1791
Trust: 0.1
sources:
            
            
            ZDI: ZDI-21-251 // 
            
            
            
            VULHUB: VHN-376451 // 
            
            
            
            VULMON: CVE-2021-1791 // 
            
            
            
            PACKETSTORM: 161248 // 
            
            
            
            PACKETSTORM: 161247 // 
            
            
            
            CNNVD: CNNVD-202102-077 // 
            
            
            
            NVD: CVE-2021-1791

REFERENCES
url:https://support.apple.com/en-us/ht212146
Trust: 2.5
url:https://support.apple.com/en-us/ht212147
Trust: 1.8
url:https://support.apple.com/en-us/ht212148
Trust: 1.8
url:https://support.apple.com/en-us/ht212149
Trust: 1.8
url:https://nvd.nist.gov/vuln/detail/cve-2021-1791
Trust: 0.8
url:https://vigilance.fr/vulnerability/apple-macos-multiple-vulnerabilities-34452
Trust: 0.6
url:https://packetstormsecurity.com/files/161247/apple-security-advisory-2021-02-01-3.html
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2021.0354/
Trust: 0.6
url:https://nvd.nist.gov/vuln/detail/cve-2021-1789
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-1760
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-1766
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-1783
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-1787
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-1757
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-1785
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-1769
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-1761
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-1744
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-1748
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-1764
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-1773
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-1776
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-1778
Trust: 0.2
url:https://www.apple.com/support/security/pgp/
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-1786
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-1772
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-1743
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-1758
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-1792
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-1782
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-1788
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-1750
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-1746
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-1747
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-1741
Trust: 0.2
url:https://cwe.mitre.org/data/definitions/125.html
Trust: 0.1
url:https://github.com/meituan-dianping/fairplay_research
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://www.zerodayinitiative.com/advisories/zdi-21-251/
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2021-1793
Trust: 0.1
url:https://support.apple.com/ht212148.
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2021-1759
Trust: 0.1
url:https://support.apple.com/ht212149.
Trust: 0.1
sources:
            
            
            ZDI: ZDI-21-251 // 
            
            
            
            VULHUB: VHN-376451 // 
            
            
            
            VULMON: CVE-2021-1791 // 
            
            
            
            PACKETSTORM: 161248 // 
            
            
            
            PACKETSTORM: 161247 // 
            
            
            
            CNNVD: CNNVD-202102-077 // 
            
            
            
            NVD: CVE-2021-1791

CREDITS
Apple
Trust: 0.8
sources:
            
            
            PACKETSTORM: 161248 // 
            
            
            
            PACKETSTORM: 161247 // 
            
            
            
            CNNVD: CNNVD-202102-077

SOURCES
db:ZDIid:ZDI-21-251
db:VULHUBid:VHN-376451
db:VULMONid:CVE-2021-1791
db:PACKETSTORMid:161248
db:PACKETSTORMid:161247
db:CNNVDid:CNNVD-202102-077
db:NVDid:CVE-2021-1791

LAST UPDATE DATE
2024-08-14T13:07:45.097000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-21-251date:2021-02-24T00:00:00
db:VULHUBid:VHN-376451date:2021-04-09T00:00:00
db:VULMONid:CVE-2021-1791date:2021-04-09T00:00:00
db:CNNVDid:CNNVD-202102-077date:2021-04-12T00:00:00
db:NVDid:CVE-2021-1791date:2021-04-09T22:17:02.493

SOURCES RELEASE DATE
db:ZDIid:ZDI-21-251date:2021-02-03T00:00:00
db:VULHUBid:VHN-376451date:2021-04-02T00:00:00
db:VULMONid:CVE-2021-1791date:2021-04-02T00:00:00
db:PACKETSTORMid:161248date:2021-02-02T16:09:50
db:PACKETSTORMid:161247date:2021-02-02T16:08:52
db:CNNVDid:CNNVD-202102-077date:2021-02-02T00:00:00
db:NVDid:CVE-2021-1791date:2021-04-02T18:15:21.810