{
  "GSD": {
    "alias": "CVE-2021-30868",
    "description": "A race condition was addressed with improved locking. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.",
    "id": "GSD-2021-30868"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-30868"
      ],
      "details": "A race condition was addressed with improved locking. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.",
      "id": "GSD-2021-30868",
      "modified": "2023-12-13T01:23:30.891111Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "product-security@apple.com",
        "ID": "CVE-2021-30868",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "macOS",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_value": "12.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "macOS",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_value": "11.6"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Apple"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A race condition was addressed with improved locking. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "A malicious application may be able to execute arbitrary code with kernel privileges"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://support.apple.com/en-us/HT212869",
            "refsource": "MISC",
            "url": "https://support.apple.com/en-us/HT212869"
          },
          {
            "name": "https://support.apple.com/en-us/HT212872",
            "refsource": "MISC",
            "url": "https://support.apple.com/en-us/HT212872"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "11.6.1",
                "versionStartIncluding": "11.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-30868"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A race condition was addressed with improved locking. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-362"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.apple.com/en-us/HT212869",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.apple.com/en-us/HT212869"
            },
            {
              "name": "https://support.apple.com/en-us/HT212872",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.apple.com/en-us/HT212872"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.6,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 4.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.0,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2021-11-01T14:04Z",
      "publishedDate": "2021-08-24T19:15Z"
    }
  }
}

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ADD7C81-7CB2-4505-ACA0-9EC193E347D1",
              "versionEndExcluding": "11.6.1",
              "versionStartIncluding": "11.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1974DC5F-8F37-4582-B597-E58C94189193",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A race condition was addressed with improved locking. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges."
    },
    {
      "lang": "es",
      "value": "Se abord\u00f3 una condici\u00f3n de carrera con un bloqueo mejorado. Este problema se corrigi\u00f3 en macOS Monterey versi\u00f3n 12.0.1, macOS Big Sur versi\u00f3n 11.6.1. Una aplicaci\u00f3n maliciosa puede ser capaz de ejecutar c\u00f3digo arbitrario con privilegios del kernel"
    }
  ],
  "id": "CVE-2021-30868",
  "lastModified": "2024-11-21T06:04:52.567",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.6,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.0,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-08-24T19:15:15.037",
  "references": [
    {
      "source": "product-security@apple.com",
      "url": "https://support.apple.com/en-us/HT212869"
    },
    {
      "source": "product-security@apple.com",
      "url": "https://support.apple.com/en-us/HT212872"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.apple.com/en-us/HT212869"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.apple.com/en-us/HT212872"
    }
  ],
  "sourceIdentifier": "product-security@apple.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-362"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202108-2069",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "macos",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "apple",
        "version": "11.6.1"
      },
      {
        "model": "macos",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "11.0"
      },
      {
        "model": "macos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "12.0"
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-30868"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "11.6.1",
                "versionStartIncluding": "11.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-30868"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "164673"
      },
      {
        "db": "PACKETSTORM",
        "id": "164672"
      }
    ],
    "trust": 0.2
  },
  "cve": "CVE-2021-30868",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.6,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 4.9,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.6,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 4.9,
            "id": "VHN-390601",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:H/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.0,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2021-30868",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202108-2116",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-390601",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-390601"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-30868"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2116"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A race condition was addressed with improved locking. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges. ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by the CVE program. Notes: none. Apple is aware of a report that this issue may\nhave been actively exploited. \nInformation about the security content is also available at\nhttps://support.apple.com/HT212869. \n\nAppKit\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: A malicious application may be able to elevate privileges\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2021-30873: Thijs Alkemade of Computest\n\nAppleScript\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: Processing a maliciously crafted AppleScript binary may\nresult in unexpected application termination or disclosure of process\nmemory\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2021-30876: Jeremy Brown, hjy79425575\nCVE-2021-30879: Jeremy Brown, hjy79425575\nCVE-2021-30877: Jeremy Brown\nCVE-2021-30880: Jeremy Brown\n\nAudio\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: A malicious application may be able to elevate privileges\nDescription: An integer overflow was addressed through improved input\nvalidation. \nCVE-2021-30907: Zweig of Kunlun Lab\n\nBluetooth\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: A race condition was addressed with improved state\nhandling. \nCVE-2021-30899: Weiteng Chen, Zheng Zhang, and Zhiyun Qian of UC\nRiverside, and Yu Wang of Didi Research America\n\nColorSync\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: A memory corruption issue existed in the processing of\nICC profiles. \nCVE-2021-30917: Alexandru-Vlad Niculae and Mateusz Jurczyk of Google\nProject Zero\n\nContinuity Camera\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: A local attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: This issue was addressed with improved checks. \nCVE-2021-30903: an anonymous researcher\n\nCoreAudio\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: Processing a maliciously crafted file may disclose user\ninformation\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2021-30905: Mickey Jin (@patch1t) of Trend Micro\n\nCoreGraphics\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: Processing a maliciously crafted PDF may lead to arbitrary\ncode execution\nDescription: An out-of-bounds write was addressed with improved input\nvalidation. \nCVE-2021-30919\n\nFileProvider\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: Unpacking a maliciously crafted archive may lead to arbitrary\ncode execution\nDescription: An input validation issue was addressed with improved\nmemory handling. \nCVE-2021-30881: Simon Huang (@HuangShaomang) and pjf of IceSword Lab\nof Qihoo 360\n\nGame Center\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: A malicious application may be able to access information\nabout a user\u0027s contacts\nDescription: A logic issue was addressed with improved restrictions. \nCVE-2021-30895: Denis Tokarev\n\nGame Center\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: A malicious application may be able to read user\u0027s gameplay\ndata\nDescription: A logic issue was addressed with improved restrictions. \nCVE-2021-30896: Denis Tokarev\n\niCloud\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: A local attacker may be able to elevate their privileges\nDescription: This issue was addressed with improved checks. \nCVE-2021-30906: Cees Elzinga\n\nIntel Graphics Driver\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2021-30824: Antonio Zekic (@antoniozekic) of Diverto\n\nIntel Graphics Driver\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: Multiple out-of-bounds write issues were addressed with\nimproved bounds checking. \nCVE-2021-30901: Zuozhi Fan (@pattern_F_) of Ant Security TianQiong\nLab, Yinyi Wu (@3ndy1) of Ant Security Light-Year Lab, Jack Dates of\nRET2 Systems, Inc. \n\nIOGraphics\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2021-30821: Tim Michaud (@TimGMichaud) of Zoom Video\nCommunications\n\nIOMobileFrameBuffer\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2021-30883: an anonymous researcher\n\nKernel\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2021-30886: @0xalsr\n\nKernel\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2021-30909: Zweig of Kunlun Lab\n\nKernel\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2021-30916: Zweig of Kunlun Lab\n\nLaunchServices\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: A sandboxed process may be able to circumvent sandbox\nrestrictions\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2021-30864: Ron Hass (@ronhass7) of Perception Point\n\nLogin Window\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: A person with access to a host Mac may be able to bypass the\nLogin Window in Remote Desktop for a locked instance of macOS\nDescription: This issue was addressed with improved checks. \nCVE-2021-30813: Benjamin Berger of BBetterTech LLC, Peter Goedtkindt\nof Informatique-MTF S.A., an anonymous researcher\n\nModel I/O\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: Processing a maliciously crafted file may disclose user\ninformation\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2021-30910: Mickey Jin (@patch1t) of Trend Micro\n\nModel I/O\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: Processing a maliciously crafted USD file may disclose memory\ncontents\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2021-30911: Rui Yang and Xingwei Lin of Ant Security Light-Year\nLab\n\nSandbox\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: A local attacker may be able to read sensitive information\nDescription: A permissions issue was addressed with improved\nvalidation. \nCVE-2021-30920: Csaba Fitzl (@theevilbit) of Offensive Security\n\nSMB\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: A race condition was addressed with improved locking. \nCVE-2021-30868: Peter Nguyen Vu Hoang of STAR Labs\n\nSoftwareUpdate\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: A malicious application may gain access to a user\u0027s Keychain\nitems\nDescription: The issue was addressed with improved permissions logic. \nCVE-2021-30912: Kirin (@Pwnrin) and chenyuwang (@mzzzz__) of Tencent\nSecurity Xuanwu Lab\n\nSoftwareUpdate\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: An unprivileged application may be able to edit NVRAM\nvariables\nDescription: The issue was addressed with improved permissions logic. \nCVE-2021-30913: Kirin (@Pwnrin) and chenyuwang (@mzzzz__) of Tencent\nSecurity Xuanwu Lab\n\nUIKit\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: A person with physical access to an iOS device may be\ndetermine characteristics of a user\u0027s password in a secure text entry\nfield\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2021-30915: Kostas Angelopoulos\n\nWebKit\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: An attacker in a privileged network position may be able to\nbypass HSTS\nDescription: A logic issue was addressed with improved restrictions. \nCVE-2021-30823: David Gullasch of Recurity Labs\n\nWebKit\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: Processing maliciously crafted web content may lead to\nunexpectedly unenforced Content Security Policy\nDescription: A logic issue was addressed with improved restrictions. \nCVE-2021-30887: Narendra Bhati (@imnarendrabhati) of Suma Soft Pvt. \nLtd. \n\nWebKit\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: A malicious website using Content Security Policy reports may\nbe able to leak information via redirect behavior \nDescription: An information leakage issue was addressed. \nCVE-2021-30888: Prakash (@1lastBr3ath)\n\nWebKit\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A buffer overflow issue was addressed with improved\nmemory handling. \nCVE-2021-30889: Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua\nwingtecher lab\n\nWebKit\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: A malicious application may bypass Gatekeeper checks\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2021-30861: Wojciech Regu\u0142a (@_r3ggi), Ryan Pickren\n(ryanpickren.com)\n\nWebKit\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: Processing maliciously crafted web content may lead to\nuniversal cross site scripting\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2021-30890: an anonymous researcher\n\nWindows Server\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: A local attacker may be able to view the previous logged in\nuser\u2019s desktop from the fast user switching screen\nDescription: An authentication issue was addressed with improved\nstate management. \nCVE-2021-30908: ASentientBot\n\nxar\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: Unpacking a maliciously crafted archive may allow an attacker\nto write arbitrary files\nDescription: This issue was addressed with improved checks. \nCVE-2021-30833: Richard Warren of NCC Group\n\nzsh\nAvailable for: Mac Pro (2013 and later), MacBook Air (Early 2015 and\nlater), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and\nlater), iMac (Late 2015 and later), MacBook (Early 2016 and later),\niMac Pro (2017 and later)\nImpact: A malicious application may be able to modify protected parts\nof the file system\nDescription: An inherited permissions issue was addressed with\nadditional restrictions. \nCVE-2021-30892: Jonathan Bar Or of Microsoft\n\nAdditional recognition\n\nAPFS\nWe would like to acknowledge Koh M. Nakagawa of FFRI Security, Inc. \nfor their assistance. \n\nApp Support\nWe would like to acknowledge an anonymous researcher, \u6f02\u4eae\u9f20 of \u8d5b\u535a\u56de\u5fc6\u5f55\nfor their assistance. \n\nBluetooth\nWe would like to acknowledge say2 of ENKI for their assistance. \n\nCUPS\nWe would like to acknowledge an anonymous researcher for their\nassistance. \n\niCloud\nWe would like to acknowledge Ryan Pickren (ryanpickren.com) for their\nassistance. \n\nKernel\nWe would like to acknowledge Anthony Steinhauser of Google\u0027s Safeside\nproject for their assistance. \n\nMail\nWe would like to acknowledge Fabian Ising and Damian Poddebniak of\nM\u00fcnster University of Applied Sciences for their assistance. \n\nManaged Configuration\nWe would like to acknowledge Michal Moravec of Logicworks, s.r.o. for\ntheir assistance. \n\nsmbx\nWe would like to acknowledge Zhongcheng Li (CK01) for their\nassistance. \n\nWebKit\nWe would like to acknowledge Ivan Fratric of Google Project Zero,\nPavel Gromadchuk, an anonymous researcher for their assistance. \n\nInstallation note:\nThis update may be obtained from the Mac App Store\n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmF4hpwACgkQeC9qKD1p\nrhhm0Q//fIQiOk2S9w2qirXapPqEpyI9LNJnGX/RCrsZGN/iFkgvt27/RYLhHHQk\nefqxE6nnXdUaj9HoIIHiG4rKxIhfkscw1dF9igvmYm6j+V2KMiRxp1Pev1zMzsBI\nN6F7mJ4SiATHDTJATU8uCqIqHRQsvcIrHCjovblqGfuZxzvsjkvtRc0eXC0XAARf\nxW0WRNbTBoCOEsMp92hNI45B/oK05b1aHm2pY529gE6GRBBl0ymVo30fQ7vmIoJY\nUajc6pDNeJ1MhSpo0k+Z+eVodSdBN2EutKZfU5+4t2GzqeW5nLZFa/oqXObXBhXk\ni8bptOhceBu6qD9poSgkS5EdH4OdRQMcMjsQLIRJj3N/MwZBhGvsLQDlyGmtd+VG\na0s+pna/WoFwzw800CYRarmL0rRsZ4zZza0iuKArhrLlQCw+ee6XNL+1U50zvMaW\noT3gNkf3faCqQDxecIcQTj7xwt2tHV87p7uqELiuUZaCk5UoQBsWxGeGebFGxUq5\npJVQvnr4RVrDkpOQjbKj8w9mWoSZcvKlhRNL9J5kW75zd32vwnaVMlVkIG8vfvoK\nsgq/VfKrOW+EV1IMAh4iuaMiLAPjwBzMiRfjvRZFeJmTaMaTOxDKHwkG5YwPNp5W\n0FlhV1S2pAmGlQZgvTxkBthtU9A9giuH+oHSGJDjr70Q7de8lJ4=\n=3Pcg\n-----END PGP SIGNATURE-----\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-30868"
      },
      {
        "db": "VULHUB",
        "id": "VHN-390601"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-30868"
      },
      {
        "db": "PACKETSTORM",
        "id": "164673"
      },
      {
        "db": "PACKETSTORM",
        "id": "164672"
      }
    ],
    "trust": 1.26
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-390601",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-390601"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-30868",
        "trust": 2.0
      },
      {
        "db": "PACKETSTORM",
        "id": "164672",
        "trust": 0.8
      },
      {
        "db": "PACKETSTORM",
        "id": "164673",
        "trust": 0.8
      },
      {
        "db": "CS-HELP",
        "id": "SB2021102711",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.3560",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.3563",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2116",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-390601",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-30868",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-390601"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-30868"
      },
      {
        "db": "PACKETSTORM",
        "id": "164673"
      },
      {
        "db": "PACKETSTORM",
        "id": "164672"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-30868"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2116"
      }
    ]
  },
  "id": "VAR-202108-2069",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-390601"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T11:46:32.584000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Apple macOS Big Sur Repair measures for the competition condition problem loophole",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=167696"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2116"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-362",
        "trust": 1.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-390601"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-30868"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://support.apple.com/en-us/ht212872"
      },
      {
        "trust": 1.7,
        "url": "https://support.apple.com/en-us/ht212869"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.3563"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/apple-macos-multiple-vulnerabilities-36718"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.3560"
      },
      {
        "trust": 0.6,
        "url": "https://support.apple.com/ht212872"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/164672/apple-security-advisory-2021-10-26-3.html"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/164673/apple-security-advisory-2021-10-26-4.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021102711"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30899"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30876"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30879"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30883"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30868"
      },
      {
        "trust": 0.2,
        "url": "https://www.apple.com/support/security/pgp/"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30877"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30892"
      },
      {
        "trust": 0.2,
        "url": "https://support.apple.com/kb/ht201222"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30880"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30824"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30881"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30821"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30901"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30906"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30919"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30915"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30913"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30907"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30916"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30912"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30908"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30909"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30910"
      },
      {
        "trust": 0.1,
        "url": "https://support.apple.com/ht212872."
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30917"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30911"
      },
      {
        "trust": 0.1,
        "url": "https://support.apple.com/ht212869."
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30813"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30887"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30890"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30861"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30903"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30895"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30873"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30889"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30823"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30888"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30833"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30886"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30864"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30896"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-390601"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-30868"
      },
      {
        "db": "PACKETSTORM",
        "id": "164673"
      },
      {
        "db": "PACKETSTORM",
        "id": "164672"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-30868"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2116"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-390601"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-30868"
      },
      {
        "db": "PACKETSTORM",
        "id": "164673"
      },
      {
        "db": "PACKETSTORM",
        "id": "164672"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-30868"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2116"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-08-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-390601"
      },
      {
        "date": "2021-08-24T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-30868"
      },
      {
        "date": "2021-10-28T14:41:31",
        "db": "PACKETSTORM",
        "id": "164673"
      },
      {
        "date": "2021-10-27T16:36:46",
        "db": "PACKETSTORM",
        "id": "164672"
      },
      {
        "date": "2021-08-24T19:15:15.037000",
        "db": "NVD",
        "id": "CVE-2021-30868"
      },
      {
        "date": "2021-08-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202108-2116"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-11-01T00:00:00",
        "db": "VULHUB",
        "id": "VHN-390601"
      },
      {
        "date": "2021-08-24T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-30868"
      },
      {
        "date": "2023-11-07T03:33:36.687000",
        "db": "NVD",
        "id": "CVE-2021-30868"
      },
      {
        "date": "2021-11-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202108-2116"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2116"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple macOS Big Sur Competitive conditional vulnerability",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2116"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "competition condition problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202108-2116"
      }
    ],
    "trust": 0.6
  }
}

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "watchOS versions ant\u00e9rieures \u00e0 8.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Big Sur versions ant\u00e9rieures \u00e0 11.6.1",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS et iPadOS versions ant\u00e9rieures \u00e0 14.8.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "tvOS versions ant\u00e9rieures \u00e0 15.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Catalina sans le correctif de s\u00e9curit\u00e9 2021-007",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS et iPadOS versions 15.x ant\u00e9rieures \u00e0 15.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Monterey versions ant\u00e9rieures \u00e0 12.0.1",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-30875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30875"
    },
    {
      "name": "CVE-2021-30914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30914"
    },
    {
      "name": "CVE-2021-30909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30909"
    },
    {
      "name": "CVE-2021-30899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30899"
    },
    {
      "name": "CVE-2021-30892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30892"
    },
    {
      "name": "CVE-2021-30887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30887"
    },
    {
      "name": "CVE-2021-30895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30895"
    },
    {
      "name": "CVE-2021-30907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30907"
    },
    {
      "name": "CVE-2021-30861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30861"
    },
    {
      "name": "CVE-2021-30911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30911"
    },
    {
      "name": "CVE-2021-30833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30833"
    },
    {
      "name": "CVE-2021-30901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30901"
    },
    {
      "name": "CVE-2021-30823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30823"
    },
    {
      "name": "CVE-2021-30912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30912"
    },
    {
      "name": "CVE-2021-30896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30896"
    },
    {
      "name": "CVE-2021-30902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30902"
    },
    {
      "name": "CVE-2021-30888",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30888"
    },
    {
      "name": "CVE-2021-30868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30868"
    },
    {
      "name": "CVE-2021-30864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30864"
    },
    {
      "name": "CVE-2021-30916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30916"
    },
    {
      "name": "CVE-2021-30834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30834"
    },
    {
      "name": "CVE-2021-30890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30890"
    },
    {
      "name": "CVE-2021-30879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30879"
    },
    {
      "name": "CVE-2021-30903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30903"
    },
    {
      "name": "CVE-2021-30880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30880"
    },
    {
      "name": "CVE-2021-30910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30910"
    },
    {
      "name": "CVE-2021-30886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30886"
    },
    {
      "name": "CVE-2021-30824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30824"
    },
    {
      "name": "CVE-2021-30908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30908"
    },
    {
      "name": "CVE-2021-30915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30915"
    },
    {
      "name": "CVE-2021-30906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30906"
    },
    {
      "name": "CVE-2021-30889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30889"
    },
    {
      "name": "CVE-2021-30813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30813"
    },
    {
      "name": "CVE-2021-30873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30873"
    },
    {
      "name": "CVE-2021-30917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30917"
    },
    {
      "name": "CVE-2021-30877",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30877"
    },
    {
      "name": "CVE-2021-30920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30920"
    },
    {
      "name": "CVE-2021-30913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30913"
    },
    {
      "name": "CVE-2021-30918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30918"
    },
    {
      "name": "CVE-2021-30876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30876"
    },
    {
      "name": "CVE-2021-30905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30905"
    },
    {
      "name": "CVE-2021-30881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30881"
    },
    {
      "name": "CVE-2021-30821",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30821"
    },
    {
      "name": "CVE-2021-30883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30883"
    },
    {
      "name": "CVE-2021-30894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30894"
    },
    {
      "name": "CVE-2021-30900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30900"
    },
    {
      "name": "CVE-2021-30919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30919"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-825",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-10-27T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT212874 du 25 octobre 2021",
      "url": "https://support.apple.com/fr-fr/HT212874"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT212868 du 25 octobre 2021",
      "url": "https://support.apple.com/fr-fr/HT212868"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT212871 du 25 octobre 2021",
      "url": "https://support.apple.com/fr-fr/HT212871"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT212876 du 25 octobre 2021",
      "url": "https://support.apple.com/fr-fr/HT212876"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT212872 du 25 octobre 2021",
      "url": "https://support.apple.com/fr-fr/HT212872"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT212867 du 25 octobre 2021",
      "url": "https://support.apple.com/fr-fr/HT212867"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT212869 du 25 octobre 2021",
      "url": "https://support.apple.com/fr-fr/HT212869"
    }
  ]
}

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "watchOS versions ant\u00e9rieures \u00e0 8.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Big Sur versions ant\u00e9rieures \u00e0 11.6.1",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS et iPadOS versions ant\u00e9rieures \u00e0 14.8.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "tvOS versions ant\u00e9rieures \u00e0 15.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Catalina sans le correctif de s\u00e9curit\u00e9 2021-007",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS et iPadOS versions 15.x ant\u00e9rieures \u00e0 15.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Monterey versions ant\u00e9rieures \u00e0 12.0.1",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-30875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30875"
    },
    {
      "name": "CVE-2021-30914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30914"
    },
    {
      "name": "CVE-2021-30909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30909"
    },
    {
      "name": "CVE-2021-30899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30899"
    },
    {
      "name": "CVE-2021-30892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30892"
    },
    {
      "name": "CVE-2021-30887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30887"
    },
    {
      "name": "CVE-2021-30895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30895"
    },
    {
      "name": "CVE-2021-30907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30907"
    },
    {
      "name": "CVE-2021-30861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30861"
    },
    {
      "name": "CVE-2021-30911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30911"
    },
    {
      "name": "CVE-2021-30833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30833"
    },
    {
      "name": "CVE-2021-30901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30901"
    },
    {
      "name": "CVE-2021-30823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30823"
    },
    {
      "name": "CVE-2021-30912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30912"
    },
    {
      "name": "CVE-2021-30896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30896"
    },
    {
      "name": "CVE-2021-30902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30902"
    },
    {
      "name": "CVE-2021-30888",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30888"
    },
    {
      "name": "CVE-2021-30868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30868"
    },
    {
      "name": "CVE-2021-30864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30864"
    },
    {
      "name": "CVE-2021-30916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30916"
    },
    {
      "name": "CVE-2021-30834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30834"
    },
    {
      "name": "CVE-2021-30890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30890"
    },
    {
      "name": "CVE-2021-30879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30879"
    },
    {
      "name": "CVE-2021-30903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30903"
    },
    {
      "name": "CVE-2021-30880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30880"
    },
    {
      "name": "CVE-2021-30910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30910"
    },
    {
      "name": "CVE-2021-30886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30886"
    },
    {
      "name": "CVE-2021-30824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30824"
    },
    {
      "name": "CVE-2021-30908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30908"
    },
    {
      "name": "CVE-2021-30915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30915"
    },
    {
      "name": "CVE-2021-30906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30906"
    },
    {
      "name": "CVE-2021-30889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30889"
    },
    {
      "name": "CVE-2021-30813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30813"
    },
    {
      "name": "CVE-2021-30873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30873"
    },
    {
      "name": "CVE-2021-30917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30917"
    },
    {
      "name": "CVE-2021-30877",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30877"
    },
    {
      "name": "CVE-2021-30920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30920"
    },
    {
      "name": "CVE-2021-30913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30913"
    },
    {
      "name": "CVE-2021-30918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30918"
    },
    {
      "name": "CVE-2021-30876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30876"
    },
    {
      "name": "CVE-2021-30905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30905"
    },
    {
      "name": "CVE-2021-30881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30881"
    },
    {
      "name": "CVE-2021-30821",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30821"
    },
    {
      "name": "CVE-2021-30883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30883"
    },
    {
      "name": "CVE-2021-30894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30894"
    },
    {
      "name": "CVE-2021-30900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30900"
    },
    {
      "name": "CVE-2021-30919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30919"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-825",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-10-27T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT212874 du 25 octobre 2021",
      "url": "https://support.apple.com/fr-fr/HT212874"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT212868 du 25 octobre 2021",
      "url": "https://support.apple.com/fr-fr/HT212868"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT212871 du 25 octobre 2021",
      "url": "https://support.apple.com/fr-fr/HT212871"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT212876 du 25 octobre 2021",
      "url": "https://support.apple.com/fr-fr/HT212876"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT212872 du 25 octobre 2021",
      "url": "https://support.apple.com/fr-fr/HT212872"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT212867 du 25 octobre 2021",
      "url": "https://support.apple.com/fr-fr/HT212867"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT212869 du 25 octobre 2021",
      "url": "https://support.apple.com/fr-fr/HT212869"
    }
  ]
}