ID

VAR-202109-1404


CVE

CVE-2021-30780


TITLE

plural  Apple  Product out-of-bounds write vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2021-013624

DESCRIPTION

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. A malicious application may be able to gain root privileges. plural Apple The product contains a vulnerability related to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Apple macOS Big Sur is a mobile application APP of Apple (Apple). Apple macOS Big Sur 11.5 has a buffer error vulnerability that originates from a boundary error in the CVMS subsystem. A local attacker can use root privileges to trigger an out-of-bounds write and execute arbitrary code. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-07-21-1 iOS 14.7 and iPadOS 14.7 iOS 14.7 and iPadOS 14.7 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT212601. iOS 14.7 released July 19, 2021; iPadOS 14.7 released July 21, 2021 ActionKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A shortcut may be able to bypass Internet permission requirements Description: An input validation issue was addressed with improved input validation. CVE-2021-30763: Zachary Keffaber (@QuickUpdate5) Audio Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: This issue was addressed with improved checks. CVE-2021-30781: tr3e AVEVideoEncoder Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2021-30748: George Nosenko CoreAudio Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2021-30775: JunDong Xie of Ant Security Light-Year Lab CoreAudio Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Playing a malicious audio file may lead to an unexpected application termination Description: A logic issue was addressed with improved validation. CVE-2021-30776: JunDong Xie of Ant Security Light-Year Lab CoreGraphics Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A race condition was addressed with improved state handling. CVE-2021-30786: ryuzaki CoreText Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2021-30789: Mickey Jin (@patch1t) of Trend Micro, Sunglin of Knownsec 404 team Crash Reporter Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious application may be able to gain root privileges Description: A logic issue was addressed with improved validation. CVE-2021-30774: Yizhuo Wang of Group of Software Security In Progress (G.O.S.S.I.P) at Shanghai Jiao Tong University CVMS Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious application may be able to gain root privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2021-30780: Tim Michaud(@TimGMichaud) of Zoom Video Communications dyld Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A logic issue was addressed with improved validation. CVE-2021-30768: Linus Henze (pinauten.de) Find My Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious application may be able to access Find My data Description: A permissions issue was addressed with improved validation. CVE-2021-30804: Csaba Fitzl (@theevilbit) of Offensive Security FontParser Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: An integer overflow was addressed through improved input validation. CVE-2021-30760: Sunglin of Knownsec 404 team FontParser Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents Description: This issue was addressed with improved checks. CVE-2021-30788: tr3e working with Trend Micro Zero Day Initiative FontParser Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A stack overflow was addressed with improved input validation. CVE-2021-30759: hjy79425575 working with Trend Micro Zero Day Initiative Identity Service Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious application may be able to bypass code signing checks Description: An issue in code signature validation was addressed with improved checks. CVE-2021-30773: Linus Henze (pinauten.de) Image Processing Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2021-30802: Matthew Denton of Google Chrome Security ImageIO Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: This issue was addressed with improved checks. CVE-2021-30779: Jzhu, Ye Zhang(@co0py_Cat) of Baidu Security ImageIO Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A buffer overflow was addressed with improved bounds checking. CVE-2021-30785: CFF of Topsec Alpha Team, Mickey Jin (@patch1t) of Trend Micro Kernel Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication Description: A logic issue was addressed with improved state management. CVE-2021-30769: Linus Henze (pinauten.de) Kernel Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations Description: A logic issue was addressed with improved validation. CVE-2021-30770: Linus Henze (pinauten.de) libxml2 Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A remote attacker may be able to cause arbitrary code execution Description: This issue was addressed with improved checks. CVE-2021-3518 Measure Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Multiple issues in libwebp Description: Multiple issues were addressed by updating to version 1.2.0. CVE-2018-25010 CVE-2018-25011 CVE-2018-25014 CVE-2020-36328 CVE-2020-36329 CVE-2020-36330 CVE-2020-36331 Model I/O Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted image may lead to a denial of service Description: A logic issue was addressed with improved validation. CVE-2021-30796: Mickey Jin (@patch1t) of Trend Micro Model I/O Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation. CVE-2021-30792: Anonymous working with Trend Micro Zero Day Initiative Model I/O Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted file may disclose user information Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-30791: Anonymous working with Trend Micro Zero Day Initiative TCC Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious application may be able to bypass certain Privacy preferences Description: A logic issue was addressed with improved state management. CVE-2021-30798: Mickey Jin (@patch1t) of Trend Micro WebKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved state handling. CVE-2021-30758: Christoph Guttandin of Media Codings WebKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2021-30795: Sergei Glazunov of Google Project Zero WebKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to code execution Description: This issue was addressed with improved checks. CVE-2021-30797: Ivan Fratric of Google Project Zero WebKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2021-30799: Sergei Glazunov of Google Project Zero Wi-Fi Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Joining a malicious Wi-Fi network may result in a denial of service or arbitrary code execution Description: This issue was addressed with improved checks. CVE-2021-30800: vm_call, Nozhdar Abdulkhaleq Shukri Additional recognition Assets We would like to acknowledge Cees Elzinga for their assistance. CoreText We would like to acknowledge Mickey Jin (@patch1t) of Trend Micro for their assistance. Safari We would like to acknowledge an anonymous researcher for their assistance. Sandbox We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance. Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About * The version after applying this update will be "14.7" Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmD4r8YACgkQZcsbuWJ6 jjB5LBAAkEy25fNpo8rg42bsyJwWsSQQxPN79JFxQ6L8tqdsM+MZk86dUKtsRQ47 mxarMf4uBwiIOtrGSCGHLIxXAzLqPY47NDhO+ls0dVxGMETkoR/287AeLnw2ITh3 DM0H/pco4hRhPh8neYTMjNPMAgkepx+r7IqbaHWapn42nRC4/2VkEtVGltVDLs3L K0UQP0cjy2w9KvRF33H3uKNCaCTJrVkDBLKWC7rPPpomwp3bfmbQHjs0ixV5Y8l5 3MfNmCuhIt34zAjVELvbE/PUXgkmsECbXHNZOct7ZLAbceneVKtSmynDtoEN0ajM JiJ6j+FCtdfB3xHk3cHqB6sQZm7fDxdK3z91MZvSZwwmdhJeHD/TxcItRlHNOYA1 FSi0Q954DpIqz3Fs4DGE7Vwz0g5+o5qup8cnw9oLXBdqZwWANuLsQlHlioPbcDhl r1DmwtghmDYFUeSMnzHu/iuRepEju+BRMS3ybCm5j+I3kyvAV8pyvqNNRLfJn+w+ Wl/lwXTtXbgsNPR7WJCBJffxB0gOGZaIG1blSGCY89t2if0vD95R5sRsrnaxuqWc qmtRdBfbmjxk/G+6t1sd4wFglTNovHiLIHXh17cwdIWMB35yFs7VA35833/rF4Oo jOF1D12o58uAewxAsK+cTixe7I9U5Awkad2Jz19V3qHnRWGqtVg\x8e1h -----END PGP SIGNATURE----- . CVE-2021-30766: Liu Long of Ant Security Light-Year Lab CVE-2021-30765: Liu Long of Ant Security Light-Year Lab IOKit Available for: macOS Big Sur Impact: A local attacker may be able to execute code on the Apple T2 Security Chip Description: Multiple issues were addressed with improved logic. CVE-2021-30793: Zuozhi Fan (@pattern_F_) of Ant Security TianQiong Lab Kext Management Available for: macOS Big Sur Impact: A malicious application may be able to bypass Privacy preferences Description: This issue was addressed with improved entitlements. Alternatively, on your watch, select "My Watch > General > About"

Trust: 2.88

sources: NVD: CVE-2021-30780 // JVNDB: JVNDB-2021-013624 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-390513 // VULMON: CVE-2021-30780 // PACKETSTORM: 163645 // PACKETSTORM: 163646 // PACKETSTORM: 163647 // PACKETSTORM: 163649 // PACKETSTORM: 163650 // PACKETSTORM: 163651

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:lteversion:10.15.6

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:14.7

Trust: 1.0

vendor:applemodel:watchosscope:ltversion:7.6

Trust: 1.0

vendor:applemodel:mac os xscope:lteversion:10.14.5

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.14.6

Trust: 1.0

vendor:applemodel:macosscope:ltversion:11.5

Trust: 1.0

vendor:applemodel:mac os xscope:gteversion:10.14

Trust: 1.0

vendor:applemodel:mac os xscope:gteversion:10.15

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:14.7

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.15.7

Trust: 1.0

vendor:applemodel:macosscope:gteversion:11.0

Trust: 1.0

vendor:アップルmodel:apple mac os xscope: - version: -

Trust: 0.8

vendor:アップルmodel:iosscope: - version: -

Trust: 0.8

vendor:アップルmodel:tvosscope: - version: -

Trust: 0.8

vendor:アップルmodel:watchosscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-013624 // NVD: CVE-2021-30780

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-30780
value: HIGH

Trust: 1.0

NVD: CVE-2021-30780
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202107-1662
value: HIGH

Trust: 0.6

VULHUB: VHN-390513
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2021-30780
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-390513
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-30780
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2021-30780
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-390513 // JVNDB: JVNDB-2021-013624 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202107-1662 // NVD: CVE-2021-30780

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.1

problemtype:Out-of-bounds writing (CWE-787) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-390513 // JVNDB: JVNDB-2021-013624 // NVD: CVE-2021-30780

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202107-1662

TYPE

overflow, code execution

Trust: 0.6

sources: PACKETSTORM: 163645 // PACKETSTORM: 163646 // PACKETSTORM: 163647 // PACKETSTORM: 163649 // PACKETSTORM: 163650 // PACKETSTORM: 163651

PATCH

title:HT212604 Apple  Security updateurl:https://support.apple.com/en-us/HT212600

Trust: 0.8

title:Apple macOS Big Sur Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=157268

Trust: 0.6

sources: JVNDB: JVNDB-2021-013624 // CNNVD: CNNVD-202107-1662

EXTERNAL IDS

db:NVDid:CVE-2021-30780

Trust: 4.0

db:JVNDBid:JVNDB-2021-013624

Trust: 0.8

db:CNNVDid:CNNVD-202107-1662

Trust: 0.7

db:PACKETSTORMid:163645

Trust: 0.7

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:AUSCERTid:ESB-2021.2488

Trust: 0.6

db:CS-HELPid:SB2021072219

Trust: 0.6

db:CS-HELPid:SB2021072231

Trust: 0.6

db:VULHUBid:VHN-390513

Trust: 0.1

db:VULMONid:CVE-2021-30780

Trust: 0.1

db:PACKETSTORMid:163646

Trust: 0.1

db:PACKETSTORMid:163647

Trust: 0.1

db:PACKETSTORMid:163649

Trust: 0.1

db:PACKETSTORMid:163650

Trust: 0.1

db:PACKETSTORMid:163651

Trust: 0.1

sources: VULHUB: VHN-390513 // VULMON: CVE-2021-30780 // JVNDB: JVNDB-2021-013624 // PACKETSTORM: 163645 // PACKETSTORM: 163646 // PACKETSTORM: 163647 // PACKETSTORM: 163649 // PACKETSTORM: 163650 // PACKETSTORM: 163651 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202107-1662 // NVD: CVE-2021-30780

REFERENCES

url:https://support.apple.com/en-us/ht212602

Trust: 2.3

url:https://support.apple.com/en-us/ht212600

Trust: 1.7

url:https://support.apple.com/en-us/ht212601

Trust: 1.7

url:https://support.apple.com/en-us/ht212603

Trust: 1.7

url:https://support.apple.com/en-us/ht212604

Trust: 1.7

url:https://support.apple.com/en-us/ht212605

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2021-30780

Trust: 1.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-30781

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-30788

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-30759

Trust: 0.6

url:https://www.apple.com/support/security/pgp/

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-30760

Trust: 0.6

url:https://support.apple.com/kb/ht201222

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021072219

Trust: 0.6

url:https://packetstormsecurity.com/files/163645/apple-security-advisory-2021-07-21-1.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2488

Trust: 0.6

url:https://vigilance.fr/vulnerability/apple-macos-multiple-vulnerabilities-35970

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021072231

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-30768

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2021-30776

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2021-30789

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2021-30775

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2021-30785

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2021-30779

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-30758

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-30774

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-30773

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30770

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30769

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30777

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30790

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30787

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30766

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30765

Trust: 0.3

url:https://support.apple.com/downloads/

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30782

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30783

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30786

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30748

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30763

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30799

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30793

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30733

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30672

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30805

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30703

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30677

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30796

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30795

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30797

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-3518

Trust: 0.2

url:http://seclists.org/fulldisclosure/2021/jul/56

Trust: 0.1

url:https://support.apple.com/ht212601.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-36331

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-36329

Trust: 0.1

url:https://www.apple.com/itunes/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-25010

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-25014

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-36328

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-36330

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-25011

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30791

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30772

Trust: 0.1

url:https://support.apple.com/ht212602.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30784

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30778

Trust: 0.1

url:https://support.apple.com/ht212600.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30731

Trust: 0.1

url:https://support.apple.com/ht212603.

Trust: 0.1

url:https://support.apple.com/kb/ht204641

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30798

Trust: 0.1

url:https://support.apple.com/ht212605.

Trust: 0.1

url:https://support.apple.com/ht212604.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30802

Trust: 0.1

sources: VULHUB: VHN-390513 // VULMON: CVE-2021-30780 // JVNDB: JVNDB-2021-013624 // PACKETSTORM: 163645 // PACKETSTORM: 163646 // PACKETSTORM: 163647 // PACKETSTORM: 163649 // PACKETSTORM: 163650 // PACKETSTORM: 163651 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202107-1662 // NVD: CVE-2021-30780

CREDITS

Apple

Trust: 0.6

sources: PACKETSTORM: 163645 // PACKETSTORM: 163646 // PACKETSTORM: 163647 // PACKETSTORM: 163649 // PACKETSTORM: 163650 // PACKETSTORM: 163651

SOURCES

db:VULHUBid:VHN-390513
db:VULMONid:CVE-2021-30780
db:JVNDBid:JVNDB-2021-013624
db:PACKETSTORMid:163645
db:PACKETSTORMid:163646
db:PACKETSTORMid:163647
db:PACKETSTORMid:163649
db:PACKETSTORMid:163650
db:PACKETSTORMid:163651
db:CNNVDid:CNNVD-202104-975
db:CNNVDid:CNNVD-202107-1662
db:NVDid:CVE-2021-30780

LAST UPDATE DATE

2024-08-14T12:38:52.722000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-390513date:2021-09-17T00:00:00
db:JVNDBid:JVNDB-2021-013624date:2022-09-16T09:33:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:CNNVDid:CNNVD-202107-1662date:2021-09-18T00:00:00
db:NVDid:CVE-2021-30780date:2021-09-17T16:30:47.053

SOURCES RELEASE DATE

db:VULHUBid:VHN-390513date:2021-09-08T00:00:00
db:JVNDBid:JVNDB-2021-013624date:2022-09-16T00:00:00
db:PACKETSTORMid:163645date:2021-07-23T15:29:39
db:PACKETSTORMid:163646date:2021-07-23T15:30:22
db:PACKETSTORMid:163647date:2021-07-23T15:30:33
db:PACKETSTORMid:163649date:2021-07-23T15:31:52
db:PACKETSTORMid:163650date:2021-07-23T15:32:01
db:PACKETSTORMid:163651date:2021-07-23T15:35:22
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:CNNVDid:CNNVD-202107-1662date:2021-07-21T00:00:00
db:NVDid:CVE-2021-30780date:2021-09-08T14:15:11.003