Details of VAR-202109-0370

ID

VAR-202109-0370

CVE

CVE-2021-1882

TITLE

plural Apple Out-of-bounds write vulnerabilities in the product

Trust: 0.8

sources: JVNDB: JVNDB-2021-013567

DESCRIPTION

A memory corruption issue was addressed with improved validation. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An application may be able to gain elevated privileges. plural Apple The product contains a vulnerability related to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Apple macOS is a set of dedicated operating systems developed by Apple Corporation for Mac computers. There is a security vulnerability in macOS that stems from a boundary error inside Foundation components. The following products and versions are affected: Macos: 10.15 19A583, 10.15 19A602, 10.15 19A603, 10.15.1 19B88, 10.15.2 19C57, 10.15.3 19d76, 10.15.4 19E266, 10.15.4 19E287, 10.15.5 19F96, 10.15. 5 19F101, 10.15.6 19G73, 10.15.6 19G2021, 10.15.7 19H2, 10.15.7 19H4, 10.15.7 19H15, 10.15.7 19H114, 10.15.7 19H512, 10.15.7 19H524, 11.0.0.1 20B299 , 11.0.1 20B50, 11.1 20C69, 11.2 20D64, 11.2.1 20D74, 11.2.1 20D75, 11.2.2 20D80, 11.2.3 20D91. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-04-26-6 tvOS 14.5 tvOS 14.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT212323. AppleMobileFileIntegrity Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to bypass Privacy preferences Description: An issue in code signature validation was addressed with improved checks. CVE-2021-1849: Siguza Assets Available for: Apple TV 4K and Apple TV HD Impact: A local user may be able to create or modify privileged files Description: A logic issue was addressed with improved restrictions. CVE-2021-1836: an anonymous researcher Audio Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to read restricted memory Description: A memory corruption issue was addressed with improved validation. CVE-2021-1808: JunDong Xie of Ant Security Light-Year Lab CFNetwork Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A memory initialization issue was addressed with improved memory handling. CVE-2021-1857: an anonymous researcher CoreAudio Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted audio file may disclose restricted memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2021-1846: JunDong Xie of Ant Security Light-Year Lab CoreAudio Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to read restricted memory Description: A memory corruption issue was addressed with improved validation. CVE-2021-1809: JunDong Xie of Ant Security Light-Year Lab CoreText Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted font may result in the disclosure of process memory Description: A logic issue was addressed with improved state management. CVE-2021-1811: Xingwei Lin of Ant Security Light-Year Lab FontParser Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2021-1881: an anonymous researcher, Xingwei Lin of Ant Security Light-Year Lab, Mickey Jin of Trend Micro, and Hou JingYi (@hjy79425575) of Qihoo 360 Foundation Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to gain elevated privileges Description: A memory corruption issue was addressed with improved validation. CVE-2021-1882: Gabe Kirkpatrick (@gabe_k) Foundation Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to gain root privileges Description: A validation issue was addressed with improved logic. CVE-2021-1813: Cees Elzinga Heimdal Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted server messages may lead to heap corruption Description: This issue was addressed with improved checks. CVE-2021-1883: Gabe Kirkpatrick (@gabe_k) Heimdal Available for: Apple TV 4K and Apple TV HD Impact: A remote attacker may be able to cause a denial of service Description: A race condition was addressed with improved locking. CVE-2021-1884: Gabe Kirkpatrick (@gabe_k) ImageIO Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-1885: CFF of Topsec Alpha Team ImageIO Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: This issue was addressed with improved checks. CVE-2021-30653: Ye Zhang of Baidu Security CVE-2021-1843: Ye Zhang of Baidu Security ImageIO Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2021-1858: Mickey Jin of Trend Micro iTunes Store Available for: Apple TV 4K and Apple TV HD Impact: An attacker with JavaScript execution may be able to execute arbitrary code Description: A use after free issue was addressed with improved memory management. CVE-2021-1864: CodeColorist of Ant-Financial LightYear Labs Kernel Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to disclose kernel memory Description: A memory initialization issue was addressed with improved memory handling. CVE-2021-1860: @0xalsr Kernel Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow was addressed with improved bounds checking. CVE-2021-1816: Tielei Wang of Pangu Lab Kernel Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel privileges Description: A logic issue was addressed with improved state management. CVE-2021-1851: @0xalsr Kernel Available for: Apple TV 4K and Apple TV HD Impact: Copied files may not have the expected file permissions Description: The issue was addressed with improved permissions logic. CVE-2021-1832: an anonymous researcher Kernel Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to disclose kernel memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-30660: Alex Plaskett libxpc Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to gain root privileges Description: A race condition was addressed with additional validation. CVE-2021-30652: James Hutchins libxslt Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted file may lead to heap corruption Description: A double free issue was addressed with improved memory management. CVE-2021-1875: Found by OSS-Fuzz MobileInstallation Available for: Apple TV 4K and Apple TV HD Impact: A local user may be able to modify protected parts of the file system Description: A logic issue was addressed with improved restrictions. CVE-2021-1822: Bruno Virlet of The Grizzly Labs Preferences Available for: Apple TV 4K and Apple TV HD Impact: A local user may be able to modify protected parts of the file system Description: A parsing issue in the handling of directory paths was addressed with improved path validation. CVE-2021-1815: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com) CVE-2021-1739: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com) CVE-2021-1740: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com) Tailspin Available for: Apple TV 4K and Apple TV HD Impact: A local attacker may be able to elevate their privileges Description: A logic issue was addressed with improved state management. CVE-2021-1868: Tim Michaud of Zoom Communications WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved validation. CVE-2021-1844: Clément Lecigne of Google’s Threat Analysis Group, Alison Huffman of Microsoft Browser Vulnerability Research WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to a cross site scripting attack Description: An input validation issue was addressed with improved input validation. CVE-2021-1825: Alex Camboe of Aon’s Cyber Solutions WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2021-1817: an anonymous researcher WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved restrictions. CVE-2021-1826: an anonymous researcher WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may result in the disclosure of process memory Description: A memory initialization issue was addressed with improved memory handling. CVE-2021-1820: an anonymous researcher WebKit Storage Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. CVE-2021-30661: yangkang(@dnpushme) of 360 ATA Installation note: Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software." To check the current version of software, select "Settings -> General -> About." Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmCHQEkACgkQZcsbuWJ6 jjBQqhAAhT6igO2sBsZW1+ecMiDmF9RSncVFfF1tXYcbwY0VdGgmoEYFSegudN1V k3tdJEIRwT25R7K9359Mz5z/uHHBhZrABuv0tRiTfHobYTxoA/52Hx7WzqioW7EU lxJsEkBaRqOkuM5PjMa1he6KzlxDpIXmhgz0uZknO135S7JPUcTasRnDuzzk92WP b8Y62dlIoQ7w38g4xFA7Jg52GnTpYXxacA591ipaqW9Q3AaTCUfQSoRVRuGLZ2rn 4AacIgGnSgXPOCGURkrAxV9yPTxDC8Ug+ctV1pFBc0YKQZ/nugdQkMKxe2mzKKAd 4PaurX3+m5YwKJf5Ma+UUDZVPsSK4exPyKMsrKu0p+pfoeumPuAJydMCWJrELR1p xvTTxljkMs++snOAiNP9lzKJe6kuU1aqLmzLHqspP2QC8YXJH3VWG9fqcagVSb0R zqvXI4nicqYJc635OANJy24QS5yzvOovdeJYCiJQaWc7RauLTavOetYZ34kWjjYr 2X1Dj0UdeRK5LCrDMFvlIx6jCQpFbKwfg9D7+1IiPI6bNWNdVFCPsrd59iGdBpj8 NvAGs6afDOo68EK1LLRYcR0EigkcCFZ84oqY40nlfdc9ZN1xeZ3plfbpFDywv4s8 nzTZlUAupV+ZCnrq0VbzskIE67Li6lAR+Bm7LmK3aRvMZaxfcn0= =iii4 -----END PGP SIGNATURE-----

Trust: 2.34

sources: NVD: CVE-2021-1882 // JVNDB: JVNDB-2021-013567 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-376542 // PACKETSTORM: 162369

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	eq	version:	10.15.6	Trust: 1.0
vendor:	apple	model:	ipados	scope:	lt	version:	14.5	Trust: 1.0
vendor:	apple	model:	watchos	scope:	lt	version:	7.4	Trust: 1.0
vendor:	apple	model:	tvos	scope:	lt	version:	14.5	Trust: 1.0
vendor:	apple	model:	macos	scope:	lt	version:	11.3	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	gte	version:	10.15	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	lte	version:	10.15.5	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.15.7	Trust: 1.0
vendor:	apple	model:	macos	scope:	gte	version:	11.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lt	version:	14.5	Trust: 1.0
vendor:	アップル	model:	apple mac os x	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	tvos	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	ipados	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	ios	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	watchos	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	macos	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-013567 // NVD: CVE-2021-1882

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-1882
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2021-1882
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-202104-975
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202104-1953
value:	HIGH
Trust: 0.6
VULHUB:	VHN-376542
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2021-1882
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-376542
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-1882
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2021-1882
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-376542 // JVNDB: JVNDB-2021-013567 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202104-1953 // NVD: CVE-2021-1882

PROBLEMTYPE DATA

problemtype:	CWE-787	Trust: 1.1
problemtype:	Out-of-bounds writing (CWE-787) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-376542 // JVNDB: JVNDB-2021-013567 // NVD: CVE-2021-1882

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-376542

PATCH

title:	HT212325 Apple Security update	url:	https://support.apple.com/en-us/HT212317	Trust: 0.8
title:	Apple macOS Buffer error vulnerability fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=148630	Trust: 0.6
title:	Apple: macOS Big Sur 11.3	url:	https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=c631c09ebe15d0799205eda727cdfeb3	Trust: 0.1
title:	pocs	url:	https://github.com/gabe-k/pocs	Trust: 0.1

sources: VULMON: CVE-2021-1882 // JVNDB: JVNDB-2021-013567 // CNNVD: CNNVD-202104-1953

EXTERNAL IDS

db:	NVD	id:	CVE-2021-1882	Trust: 3.5
db:	PACKETSTORM	id:	162369	Trust: 0.8
db:	JVNDB	id:	JVNDB-2021-013567	Trust: 0.8
db:	CS-HELP	id:	SB2021041363	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-975	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1408.2	Trust: 0.6
db:	CS-HELP	id:	SB2021042704	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-1953	Trust: 0.6
db:	VULHUB	id:	VHN-376542	Trust: 0.1
db:	VULMON	id:	CVE-2021-1882	Trust: 0.1

sources: VULHUB: VHN-376542 // VULMON: CVE-2021-1882 // JVNDB: JVNDB-2021-013567 // PACKETSTORM: 162369 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202104-1953 // NVD: CVE-2021-1882

REFERENCES

url:	https://support.apple.com/en-us/ht212317	Trust: 1.7
url:	https://support.apple.com/en-us/ht212323	Trust: 1.7
url:	https://support.apple.com/en-us/ht212324	Trust: 1.7
url:	https://support.apple.com/en-us/ht212325	Trust: 1.7
url:	https://support.apple.com/en-us/ht212326	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1882	Trust: 0.9
url:	https://www.cybersecurity-help.cz/vdb/sb2021041363	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1408.2	Trust: 0.6
url:	https://vigilance.fr/vulnerability/apple-macos-multiple-vulnerabilities-35171	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021042704	Trust: 0.6
url:	https://packetstormsecurity.com/files/162369/apple-security-advisory-2021-04-26-6.html	Trust: 0.6
url:	https://github.com/gabe-k/pocs	Trust: 0.1
url:	https://support.apple.com/kb/ht212325	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1844	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1860	Trust: 0.1
url:	https://support.apple.com/kb/ht201222	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1857	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1813	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1864	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1849	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1820	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1739	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1815	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1851	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1809	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1875	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1858	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1817	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1846	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1843	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1825	Trust: 0.1
url:	https://www.apple.com/support/security/pgp/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1811	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1826	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1832	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1881	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1816	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1822	Trust: 0.1
url:	https://support.apple.com/ht212323.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1836	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1740	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1808	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1868	Trust: 0.1

CREDITS

Apple

Trust: 0.7

sources: PACKETSTORM: 162369 // CNNVD: CNNVD-202104-1953

SOURCES

db:	VULHUB	id:	VHN-376542
db:	VULMON	id:	CVE-2021-1882
db:	JVNDB	id:	JVNDB-2021-013567
db:	PACKETSTORM	id:	162369
db:	CNNVD	id:	CNNVD-202104-975
db:	CNNVD	id:	CNNVD-202104-1953
db:	NVD	id:	CVE-2021-1882

LAST UPDATE DATE

2024-08-14T12:16:00.780000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-376542	date:	2021-09-20T00:00:00
db:	JVNDB	id:	JVNDB-2021-013567	date:	2022-09-16T01:54:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-14T00:00:00
db:	CNNVD	id:	CNNVD-202104-1953	date:	2021-09-09T00:00:00
db:	NVD	id:	CVE-2021-1882	date:	2021-09-20T18:04:33.287

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-376542	date:	2021-09-08T00:00:00
db:	JVNDB	id:	JVNDB-2021-013567	date:	2022-09-16T00:00:00
db:	PACKETSTORM	id:	162369	date:	2021-04-28T15:10:17
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-13T00:00:00
db:	CNNVD	id:	CNNVD-202104-1953	date:	2021-04-27T00:00:00
db:	NVD	id:	CVE-2021-1882	date:	2021-09-08T15:15:12.457