Home > Vulnerability Database > CVE-2021-30851

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2021-30851

Date: August 24, 2021

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution.

Severity Score

8.8

Related Resources (18)

Url: https://support.apple.com/en-us/HT212815

Url: https://support.apple.com/en-us/HT212816

Url: https://www.debian.org/security/2021/dsa-4996

Url: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H6MGXCX7P5AHWOQ6IRT477UKT7IS4DAD/

Url: https://www.debian.org/security/2021/dsa-4995

Url: https://support.apple.com/en-us/HT212814

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2021-30851

Url: https://support.apple.com/en-us/HT212819

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H6MGXCX7P5AHWOQ6IRT477UKT7IS4DAD/

Url: https://security-tracker.debian.org/tracker/CVE-2021-30851

Url: http://www.openwall.com/lists/oss-security/2021/10/31/1

Url: https://support.apple.com/kb/HT212869

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ON5SDVVPVPCAGFPW2GHYATZVZYLPW2L4/

Url: https://access.redhat.com/security/cve/CVE-2021-30851

Url: https://nvd.nist.gov/vuln/detail/CVE-2021-30851

Url: https://security.alpinelinux.org/vuln/CVE-2021-30851

Url: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ON5SDVVPVPCAGFPW2GHYATZVZYLPW2L4/

Url: https://www.mend.io/vulnerability-database/CVE-2021-30851

Severity Score

8.8

Weakness Type (CWE)

Out-of-bounds Write

CWE-787

CVSS v3.1

Base Score:	8.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	6.8
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Do you need more information?

Contact Us