var-202109-1315
Vulnerability from variot
A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. plural Apple The product contains a vulnerability related to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Apple Safari is a web browser of Apple (Apple), the default browser included with Mac OS X and iOS operating systems. A buffer error vulnerability exists in Apple Safari that stems from a bounds error in WebKit. A remote attacker could exploit this vulnerability to execute arbitrary code on the target system. The following products and versions are affected: Apple Safari: 14.0, 14.0.1, 14.0.2, 14.0.3, 14.0.3-14610.4.3.1.7, 14.0.3-15610.4.3.1.7, 14.1. APPLE-SA-2021-05-03-3 watchOS 7.4.1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2021-05-25-7 tvOS 14.6
tvOS 14.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT212532.
Audio Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: This issue was addressed with improved checks. CVE-2021-30707: hjy79425575 working with Trend Micro Zero Day Initiative
Audio Available for: Apple TV 4K and Apple TV HD Impact: Parsing a maliciously crafted audio file may lead to disclosure of user information Description: This issue was addressed with improved checks. CVE-2021-30685: Mickey Jin (@patch1t) of Trend Micro
CoreAudio Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted audio file may disclose restricted memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-30686: Mickey Jin of Trend Micro
Crash Reporter Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to modify protected parts of the file system Description: A logic issue was addressed with improved state management. CVE-2021-30727: Cees Elzinga
CVMS Available for: Apple TV 4K and Apple TV HD Impact: A local attacker may be able to elevate their privileges Description: This issue was addressed with improved checks. CVE-2021-30724: Mickey Jin (@patch1t) of Trend Micro
Heimdal Available for: Apple TV 4K and Apple TV HD Impact: A local user may be able to leak sensitive user information Description: A logic issue was addressed with improved state management. CVE-2021-30697: Gabe Kirkpatrick (@gabe_k)
Heimdal Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may cause a denial of service or potentially disclose memory contents Description: A memory corruption issue was addressed with improved state management. CVE-2021-30710: Gabe Kirkpatrick (@gabe_k)
ImageIO Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted image may lead to disclosure of user information Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-30687: Hou JingYi (@hjy79425575) of Qihoo 360
ImageIO Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted image may lead to disclosure of user information Description: This issue was addressed with improved checks. CVE-2021-30700: Ye Zhang(@co0py_Cat) of Baidu Security
ImageIO Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: This issue was addressed with improved checks. CVE-2021-30701: Mickey Jin (@patch1t) of Trend Micro and Ye Zhang of Baidu Security
ImageIO Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted ASTC file may disclose memory contents Description: This issue was addressed with improved checks. CVE-2021-30705: Ye Zhang of Baidu Security
Kernel Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A logic issue was addressed with improved validation. CVE-2021-30740: Linus Henze (pinauten.de)
Kernel Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel privileges Description: A logic issue was addressed with improved state management. CVE-2021-30704: an anonymous researcher
Kernel Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted message may lead to a denial of service Description: A logic issue was addressed with improved state management. CVE-2021-30715: The UK's National Cyber Security Centre (NCSC)
Kernel Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow was addressed with improved size validation. CVE-2021-30736: Ian Beer of Google Project Zero
LaunchServices Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to break out of its sandbox Description: This issue was addressed with improved environment sanitization. CVE-2021-30677: Ron Waisberg (@epsilan)
Security Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution Description: A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code. CVE-2021-30665: yangkang (@dnpushme)&zerokeeper&bianliang of 360 ATA
WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. CVE-2021-21779: Marcin Towalski of Cisco Talos
WebKit Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to leak sensitive user information Description: A logic issue was addressed with improved restrictions. CVE-2021-30682: an anonymous researcher and 1lastBr3ath
WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved state management. CVE-2021-30749: an anonymous researcher and mipu94 of SEFCOM lab, ASU. working with Trend Micro Zero Day Initiative CVE-2021-30734: Jack Dates of RET2 Systems, Inc. (@ret2systems) working with Trend Micro Zero Day Initiative
WebKit Available for: Apple TV 4K and Apple TV HD Impact: A malicious website may be able to access restricted ports on arbitrary servers Description: A logic issue was addressed with improved restrictions. Description: An integer overflow was addressed with improved input validation. CVE-2021-30663: an anonymous researcher
Additional recognition
ImageIO We would like to acknowledge Jzhu working with Trend Micro Zero Day Initiative and an anonymous researcher for their assistance.
WebKit We would like to acknowledge Chris Salls (@salls) of Makai Security for their assistance.
Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software."
To check the current version of software, select "Settings -> General -> About." Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmCtU9MACgkQZcsbuWJ6 jjBzuhAAmXJik2L+PmRMzs6dd1QcCSwHYi0KLG0ERapHKJsFcm5+xpv87a4AFO4p 3E6+5w9wQSWVEsQG1PIvuyV3M81xuu8xY88tAD1ce1qGA4Dny4E7RU08Y0l43j/x d1RemCf0TjwYpvX34/GaOspxFQYnRo1gWsU1v7bieF8vMHZmUOlgiNep0UEG3Kuq 7IAAsfzWS43a+nkefSDWEujMNwbg1SZKua/+BXgZC7AOXdAHItqyNBFIerUc2uSf ReHLZ5BNBKw9OsL9qoJsiLCmwxKrpUTzpQahu2gybZf65nza6QPOTohqqWq79EOD mIqOW4SQ5mVSrzMh+GB9EovMY+l5YgyHwObTUjRW+4znLU7fqNXBgwzgWoIpJdF0 rpkjP3phOGXZWwiBhRmm5iYI08HFoBfF+EoPFN5Ucl7ZWz2uF0bQlbp3yqRoGRaO ZWY2LzPIdP5zSq7rqXDaVnNFuKF93J4ouZZwVMXA4yf5wmQ3silIeJlvxxphlet8 oXv2pkewq9A81RGMlgMDZMvawQvPGkOVgeBm1coajN1swNY8esW7N6J1+rtDL0mI sulaGZCeSM9ndg5VRU2lpClFdGEUZXT2hZ8NoMV6jj48c0gZBW3M82snGD4zeRqM dcezqg6o22ZxpogRJuRf41Y87ktE5o73wgj0xu72MQoxK86+Ek0= =BeQR -----END PGP SIGNATURE-----
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: Migration Toolkit for Containers (MTC) 1.6.3 security and bug fix update Advisory ID: RHSA-2022:0202-01 Product: Red Hat Migration Toolkit Advisory URL: https://access.redhat.com/errata/RHSA-2022:0202 Issue date: 2022-01-20 CVE Names: CVE-2016-4658 CVE-2018-5727 CVE-2018-5785 CVE-2018-20845 CVE-2018-20847 CVE-2018-25009 CVE-2018-25010 CVE-2018-25012 CVE-2018-25013 CVE-2018-25014 CVE-2019-5827 CVE-2019-12973 CVE-2019-13750 CVE-2019-13751 CVE-2019-17594 CVE-2019-17595 CVE-2019-18218 CVE-2019-19603 CVE-2019-20838 CVE-2020-10001 CVE-2020-12762 CVE-2020-13435 CVE-2020-13558 CVE-2020-14145 CVE-2020-14155 CVE-2020-15389 CVE-2020-16135 CVE-2020-17541 CVE-2020-18032 CVE-2020-24370 CVE-2020-24870 CVE-2020-27814 CVE-2020-27823 CVE-2020-27824 CVE-2020-27828 CVE-2020-27842 CVE-2020-27843 CVE-2020-27845 CVE-2020-27918 CVE-2020-29623 CVE-2020-35521 CVE-2020-35522 CVE-2020-35523 CVE-2020-35524 CVE-2020-36241 CVE-2020-36330 CVE-2020-36331 CVE-2020-36332 CVE-2021-1765 CVE-2021-1788 CVE-2021-1789 CVE-2021-1799 CVE-2021-1801 CVE-2021-1844 CVE-2021-1870 CVE-2021-1871 CVE-2021-3200 CVE-2021-3272 CVE-2021-3426 CVE-2021-3445 CVE-2021-3481 CVE-2021-3572 CVE-2021-3575 CVE-2021-3580 CVE-2021-3712 CVE-2021-3733 CVE-2021-3778 CVE-2021-3796 CVE-2021-3800 CVE-2021-3948 CVE-2021-20231 CVE-2021-20232 CVE-2021-20266 CVE-2021-20271 CVE-2021-20321 CVE-2021-21775 CVE-2021-21779 CVE-2021-21806 CVE-2021-22876 CVE-2021-22898 CVE-2021-22925 CVE-2021-22946 CVE-2021-22947 CVE-2021-26926 CVE-2021-26927 CVE-2021-27645 CVE-2021-28153 CVE-2021-28650 CVE-2021-29338 CVE-2021-30663 CVE-2021-30665 CVE-2021-30682 CVE-2021-30689 CVE-2021-30720 CVE-2021-30734 CVE-2021-30744 CVE-2021-30749 CVE-2021-30758 CVE-2021-30795 CVE-2021-30797 CVE-2021-30799 CVE-2021-31535 CVE-2021-33560 CVE-2021-33574 CVE-2021-33928 CVE-2021-33929 CVE-2021-33930 CVE-2021-33938 CVE-2021-35942 CVE-2021-36084 CVE-2021-36085 CVE-2021-36086 CVE-2021-36087 CVE-2021-37750 CVE-2021-41617 CVE-2021-42574 CVE-2021-43527 ==================================================================== 1. Summary:
The Migration Toolkit for Containers (MTC) 1.6.3 is now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Description:
The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.
Security Fix(es):
- mig-controller: incorrect namespaces handling may lead to not authorized usage of Migration Toolkit for Containers (MTC) (CVE-2021-3948)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to install and use MTC, refer to:
https://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html
- Bugs fixed (https://bugzilla.redhat.com/):
2019088 - "MigrationController" CR displays syntax error when unquiescing applications 2021666 - Route name longer than 63 characters causes direct volume migration to fail 2021668 - "MigrationController" CR ignores the "cluster_subdomain" value for direct volume migration routes 2022017 - CVE-2021-3948 mig-controller: incorrect namespaces handling may lead to not authorized usage of Migration Toolkit for Containers (MTC) 2024966 - Manifests not used by Operator Lifecycle Manager must be removed from the MTC 1.6 Operator image 2027196 - "migration-controller" pod goes into "CrashLoopBackoff" state if an invalid registry route is entered on the "Clusters" page of the web console 2027382 - "Copy oc describe/oc logs" window does not close automatically after timeout 2028841 - "rsync-client" container fails during direct volume migration with "Address family not supported by protocol" error 2031793 - "migration-controller" pod goes into "CrashLoopBackOff" state if "MigPlan" CR contains an invalid "includedResources" resource 2039852 - "migration-controller" pod goes into "CrashLoopBackOff" state if "MigPlan" CR contains an invalid "destMigClusterRef" or "srcMigClusterRef"
- References:
https://access.redhat.com/security/cve/CVE-2016-4658 https://access.redhat.com/security/cve/CVE-2018-5727 https://access.redhat.com/security/cve/CVE-2018-5785 https://access.redhat.com/security/cve/CVE-2018-20845 https://access.redhat.com/security/cve/CVE-2018-20847 https://access.redhat.com/security/cve/CVE-2018-25009 https://access.redhat.com/security/cve/CVE-2018-25010 https://access.redhat.com/security/cve/CVE-2018-25012 https://access.redhat.com/security/cve/CVE-2018-25013 https://access.redhat.com/security/cve/CVE-2018-25014 https://access.redhat.com/security/cve/CVE-2019-5827 https://access.redhat.com/security/cve/CVE-2019-12973 https://access.redhat.com/security/cve/CVE-2019-13750 https://access.redhat.com/security/cve/CVE-2019-13751 https://access.redhat.com/security/cve/CVE-2019-17594 https://access.redhat.com/security/cve/CVE-2019-17595 https://access.redhat.com/security/cve/CVE-2019-18218 https://access.redhat.com/security/cve/CVE-2019-19603 https://access.redhat.com/security/cve/CVE-2019-20838 https://access.redhat.com/security/cve/CVE-2020-10001 https://access.redhat.com/security/cve/CVE-2020-12762 https://access.redhat.com/security/cve/CVE-2020-13435 https://access.redhat.com/security/cve/CVE-2020-13558 https://access.redhat.com/security/cve/CVE-2020-14145 https://access.redhat.com/security/cve/CVE-2020-14155 https://access.redhat.com/security/cve/CVE-2020-15389 https://access.redhat.com/security/cve/CVE-2020-16135 https://access.redhat.com/security/cve/CVE-2020-17541 https://access.redhat.com/security/cve/CVE-2020-18032 https://access.redhat.com/security/cve/CVE-2020-24370 https://access.redhat.com/security/cve/CVE-2020-24870 https://access.redhat.com/security/cve/CVE-2020-27814 https://access.redhat.com/security/cve/CVE-2020-27823 https://access.redhat.com/security/cve/CVE-2020-27824 https://access.redhat.com/security/cve/CVE-2020-27828 https://access.redhat.com/security/cve/CVE-2020-27842 https://access.redhat.com/security/cve/CVE-2020-27843 https://access.redhat.com/security/cve/CVE-2020-27845 https://access.redhat.com/security/cve/CVE-2020-27918 https://access.redhat.com/security/cve/CVE-2020-29623 https://access.redhat.com/security/cve/CVE-2020-35521 https://access.redhat.com/security/cve/CVE-2020-35522 https://access.redhat.com/security/cve/CVE-2020-35523 https://access.redhat.com/security/cve/CVE-2020-35524 https://access.redhat.com/security/cve/CVE-2020-36241 https://access.redhat.com/security/cve/CVE-2020-36330 https://access.redhat.com/security/cve/CVE-2020-36331 https://access.redhat.com/security/cve/CVE-2020-36332 https://access.redhat.com/security/cve/CVE-2021-1765 https://access.redhat.com/security/cve/CVE-2021-1788 https://access.redhat.com/security/cve/CVE-2021-1789 https://access.redhat.com/security/cve/CVE-2021-1799 https://access.redhat.com/security/cve/CVE-2021-1801 https://access.redhat.com/security/cve/CVE-2021-1844 https://access.redhat.com/security/cve/CVE-2021-1870 https://access.redhat.com/security/cve/CVE-2021-1871 https://access.redhat.com/security/cve/CVE-2021-3200 https://access.redhat.com/security/cve/CVE-2021-3272 https://access.redhat.com/security/cve/CVE-2021-3426 https://access.redhat.com/security/cve/CVE-2021-3445 https://access.redhat.com/security/cve/CVE-2021-3481 https://access.redhat.com/security/cve/CVE-2021-3572 https://access.redhat.com/security/cve/CVE-2021-3575 https://access.redhat.com/security/cve/CVE-2021-3580 https://access.redhat.com/security/cve/CVE-2021-3712 https://access.redhat.com/security/cve/CVE-2021-3733 https://access.redhat.com/security/cve/CVE-2021-3778 https://access.redhat.com/security/cve/CVE-2021-3796 https://access.redhat.com/security/cve/CVE-2021-3800 https://access.redhat.com/security/cve/CVE-2021-3948 https://access.redhat.com/security/cve/CVE-2021-20231 https://access.redhat.com/security/cve/CVE-2021-20232 https://access.redhat.com/security/cve/CVE-2021-20266 https://access.redhat.com/security/cve/CVE-2021-20271 https://access.redhat.com/security/cve/CVE-2021-20321 https://access.redhat.com/security/cve/CVE-2021-21775 https://access.redhat.com/security/cve/CVE-2021-21779 https://access.redhat.com/security/cve/CVE-2021-21806 https://access.redhat.com/security/cve/CVE-2021-22876 https://access.redhat.com/security/cve/CVE-2021-22898 https://access.redhat.com/security/cve/CVE-2021-22925 https://access.redhat.com/security/cve/CVE-2021-22946 https://access.redhat.com/security/cve/CVE-2021-22947 https://access.redhat.com/security/cve/CVE-2021-26926 https://access.redhat.com/security/cve/CVE-2021-26927 https://access.redhat.com/security/cve/CVE-2021-27645 https://access.redhat.com/security/cve/CVE-2021-28153 https://access.redhat.com/security/cve/CVE-2021-28650 https://access.redhat.com/security/cve/CVE-2021-29338 https://access.redhat.com/security/cve/CVE-2021-30663 https://access.redhat.com/security/cve/CVE-2021-30665 https://access.redhat.com/security/cve/CVE-2021-30682 https://access.redhat.com/security/cve/CVE-2021-30689 https://access.redhat.com/security/cve/CVE-2021-30720 https://access.redhat.com/security/cve/CVE-2021-30734 https://access.redhat.com/security/cve/CVE-2021-30744 https://access.redhat.com/security/cve/CVE-2021-30749 https://access.redhat.com/security/cve/CVE-2021-30758 https://access.redhat.com/security/cve/CVE-2021-30795 https://access.redhat.com/security/cve/CVE-2021-30797 https://access.redhat.com/security/cve/CVE-2021-30799 https://access.redhat.com/security/cve/CVE-2021-31535 https://access.redhat.com/security/cve/CVE-2021-33560 https://access.redhat.com/security/cve/CVE-2021-33574 https://access.redhat.com/security/cve/CVE-2021-33928 https://access.redhat.com/security/cve/CVE-2021-33929 https://access.redhat.com/security/cve/CVE-2021-33930 https://access.redhat.com/security/cve/CVE-2021-33938 https://access.redhat.com/security/cve/CVE-2021-35942 https://access.redhat.com/security/cve/CVE-2021-36084 https://access.redhat.com/security/cve/CVE-2021-36085 https://access.redhat.com/security/cve/CVE-2021-36086 https://access.redhat.com/security/cve/CVE-2021-36087 https://access.redhat.com/security/cve/CVE-2021-37750 https://access.redhat.com/security/cve/CVE-2021-41617 https://access.redhat.com/security/cve/CVE-2021-42574 https://access.redhat.com/security/cve/CVE-2021-43527 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYelE49zjgjWX9erEAQjSRRAApKO30btZGnyA5feQQvEWah03Rb0Fdq4Z lZrWNkwHcj42c3dvonp8WHc6ROQoXRr9myr+EXyji3/lKDPWes4HQ0u70WM2v2RE qLqCnv6fT0/kJ0/liAsVlzyBsjBzf19Q8KT2cN/GslvfaFEPg3AqtEXVx51glDfB D9c3BSCdA5OBzmVW/7Em18Gtg197tl1lhfRZrd0xOmJm9uiZcbgAr77FCgYel9OS pjcemaheHSJ48dhp+r1D7FSRhCo7/OBcB/DM1jAqWKiT6LmiBE4zJ3HtepCMVDKJ SUDpn2vW29jQBhb+pTI8lSyPO0u2qqsF5qMnIYfCj2tigaW5AdevVZvBftd1d+9j AGdcOaPyKzqrp3sq2/oCe1o1KqUGMFXOAEbITK+7KagACKbA9UoF9VHgALZFzUMm iNXoQh/zpWwSWkp4YWukz2nTqcgJEL40w6loShfU5jKSDcz9J5jekYWTPTVAZrOm 4fxUhijdK+sqQEifhtPfSoxm1JSIScGcSry4qwbfJ87RJInYbINMjci/CwMaYDDu D/oowaQZdpWT8X080arwo7utlnczQ/d9nzEWvpPSkUXELBfOdyQy4X2j/L+n2Tt5 8H3Gpjj/VksCUzwv5aVtRCcgI+mJnVpET0MRMS+HMf1o8T8yetJTYunwWEyKNYJv kUeopBhYilY Zl -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce .
Alternatively, on your watch, select "My Watch > General > About". CVE-2021-30661: yangkang (@dnpushme)&zerokeeper&bianliang of 360 ATA
Installation note:
This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Debian Security Advisory DSA-4945-1 security@debian.org https://www.debian.org/security/ Alberto Garcia July 28, 2021 https://www.debian.org/security/faq
Package : webkit2gtk CVE ID : CVE-2021-21775 CVE-2021-21779 CVE-2021-30663 CVE-2021-30665 CVE-2021-30689 CVE-2021-30720 CVE-2021-30734 CVE-2021-30744 CVE-2021-30749 CVE-2021-30758 CVE-2021-30795 CVE-2021-30797 CVE-2021-30799
The following vulnerabilities have been discovered in the webkit2gtk web engine:
CVE-2021-21775
Marcin Towalski discovered that a specially crafted web page can
lead to a potential information leak and further memory
corruption. In order to trigger the vulnerability, a victim must
be tricked into visiting a malicious webpage.
CVE-2021-21779
Marcin Towalski discovered that a specially crafted web page can
lead to a potential information leak and further memory
corruption. In order to trigger the vulnerability, a victim must
be tricked into visiting a malicious webpage.
CVE-2021-30720
David Schutz discovered that a malicious website may be able to
access restricted ports on arbitrary servers.
For the stable distribution (buster), these problems have been fixed in version 2.32.3-1~deb10u1.
We recommend that you upgrade your webkit2gtk packages
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202109-1315",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "iphone os",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "13.0"
},
{
"model": "ipados",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "14.5.1"
},
{
"model": "tvos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "14.6"
},
{
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "12.5.3"
},
{
"model": "macos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.3.1"
},
{
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "14.5.1"
},
{
"model": "watchos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "7.4.1"
},
{
"model": "ipados",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "macos",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "ios",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "watchos",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "tvos",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-013501"
},
{
"db": "NVD",
"id": "CVE-2021-30665"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.6",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.4.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.5.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.5.1",
"versionStartIncluding": "13.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.5.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.3.1",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-30665"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple",
"sources": [
{
"db": "PACKETSTORM",
"id": "162825"
},
{
"db": "PACKETSTORM",
"id": "162448"
},
{
"db": "PACKETSTORM",
"id": "162452"
},
{
"db": "PACKETSTORM",
"id": "162449"
},
{
"db": "PACKETSTORM",
"id": "162447"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-060"
}
],
"trust": 1.1
},
"cve": "CVE-2021-30665",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2021-30665",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-390398",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-30665",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-30665",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202105-060",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-390398",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-390398"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-013501"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-060"
},
{
"db": "NVD",
"id": "CVE-2021-30665"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. plural Apple The product contains a vulnerability related to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Apple Safari is a web browser of Apple (Apple), the default browser included with Mac OS X and iOS operating systems. A buffer error vulnerability exists in Apple Safari that stems from a bounds error in WebKit. A remote attacker could exploit this vulnerability to execute arbitrary code on the target system. The following products and versions are affected: Apple Safari: 14.0, 14.0.1, 14.0.2, 14.0.3, 14.0.3-14610.4.3.1.7, 14.0.3-15610.4.3.1.7, 14.1. APPLE-SA-2021-05-03-3 watchOS 7.4.1. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2021-05-25-7 tvOS 14.6\n\ntvOS 14.6 addresses the following issues. \nInformation about the security content is also available at\nhttps://support.apple.com/HT212532. \n\nAudio\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: Processing a maliciously crafted audio file may lead to\narbitrary code execution\nDescription: This issue was addressed with improved checks. \nCVE-2021-30707: hjy79425575 working with Trend Micro Zero Day\nInitiative\n\nAudio\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: Parsing a maliciously crafted audio file may lead to\ndisclosure of user information\nDescription: This issue was addressed with improved checks. \nCVE-2021-30685: Mickey Jin (@patch1t) of Trend Micro\n\nCoreAudio\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: Processing a maliciously crafted audio file may disclose\nrestricted memory\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2021-30686: Mickey Jin of Trend Micro\n\nCrash Reporter\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: A malicious application may be able to modify protected parts\nof the file system\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2021-30727: Cees Elzinga\n\nCVMS\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: A local attacker may be able to elevate their privileges\nDescription: This issue was addressed with improved checks. \nCVE-2021-30724: Mickey Jin (@patch1t) of Trend Micro\n\nHeimdal\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: A local user may be able to leak sensitive user information\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2021-30697: Gabe Kirkpatrick (@gabe_k)\n\nHeimdal\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: A malicious application may cause a denial of service or\npotentially disclose memory contents\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2021-30710: Gabe Kirkpatrick (@gabe_k)\n\nImageIO\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: Processing a maliciously crafted image may lead to disclosure\nof user information\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2021-30687: Hou JingYi (@hjy79425575) of Qihoo 360\n\nImageIO\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: Processing a maliciously crafted image may lead to disclosure\nof user information\nDescription: This issue was addressed with improved checks. \nCVE-2021-30700: Ye Zhang(@co0py_Cat) of Baidu Security\n\nImageIO\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: This issue was addressed with improved checks. \nCVE-2021-30701: Mickey Jin (@patch1t) of Trend Micro and Ye Zhang of\nBaidu Security\n\nImageIO\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: Processing a maliciously crafted ASTC file may disclose\nmemory contents\nDescription: This issue was addressed with improved checks. \nCVE-2021-30705: Ye Zhang of Baidu Security\n\nKernel\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: A logic issue was addressed with improved validation. \nCVE-2021-30740: Linus Henze (pinauten.de)\n\nKernel\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2021-30704: an anonymous researcher\n\nKernel\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: Processing a maliciously crafted message may lead to a denial\nof service\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2021-30715: The UK\u0027s National Cyber Security Centre (NCSC)\n\nKernel\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A buffer overflow was addressed with improved size\nvalidation. \nCVE-2021-30736: Ian Beer of Google Project Zero\n\nLaunchServices\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: A malicious application may be able to break out of its\nsandbox\nDescription: This issue was addressed with improved environment\nsanitization. \nCVE-2021-30677: Ron Waisberg (@epsilan)\n\nSecurity\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: Processing a maliciously crafted certificate may lead to\narbitrary code execution\nDescription: A memory corruption issue in the ASN.1 decoder was\naddressed by removing the vulnerable code. \nCVE-2021-30665: yangkang (@dnpushme)\u0026zerokeeper\u0026bianliang of 360 ATA\n\nWebKit\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: Processing maliciously crafted web content may lead to\nuniversal cross site scripting\nDescription: A cross-origin issue with iframe elements was addressed\nwith improved tracking of security origins. \nCVE-2021-21779: Marcin Towalski of Cisco Talos\n\nWebKit\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: A malicious application may be able to leak sensitive user\ninformation\nDescription: A logic issue was addressed with improved restrictions. \nCVE-2021-30682: an anonymous researcher and 1lastBr3ath\n\nWebKit\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: Processing maliciously crafted web content may lead to\nuniversal cross site scripting\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2021-30749: an anonymous researcher and mipu94 of SEFCOM lab,\nASU. working with Trend Micro Zero Day Initiative\nCVE-2021-30734: Jack Dates of RET2 Systems, Inc. (@ret2systems)\nworking with Trend Micro Zero Day Initiative\n\nWebKit\nAvailable for: Apple TV 4K and Apple TV HD\nImpact: A malicious website may be able to access restricted ports on\narbitrary servers\nDescription: A logic issue was addressed with improved restrictions. \nDescription: An integer overflow was addressed with improved input\nvalidation. \nCVE-2021-30663: an anonymous researcher\n\nAdditional recognition\n\nImageIO\nWe would like to acknowledge Jzhu working with Trend Micro Zero Day\nInitiative and an anonymous researcher for their assistance. \n\nWebKit\nWe would like to acknowledge Chris Salls (@salls) of Makai Security\nfor their assistance. \n\nApple TV will periodically check for software updates. Alternatively,\nyou may manually check for software updates by selecting\n\"Settings -\u003e System -\u003e Software Update -\u003e Update Software.\"\n\nTo check the current version of software, select\n\"Settings -\u003e General -\u003e About.\"\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmCtU9MACgkQZcsbuWJ6\njjBzuhAAmXJik2L+PmRMzs6dd1QcCSwHYi0KLG0ERapHKJsFcm5+xpv87a4AFO4p\n3E6+5w9wQSWVEsQG1PIvuyV3M81xuu8xY88tAD1ce1qGA4Dny4E7RU08Y0l43j/x\nd1RemCf0TjwYpvX34/GaOspxFQYnRo1gWsU1v7bieF8vMHZmUOlgiNep0UEG3Kuq\n7IAAsfzWS43a+nkefSDWEujMNwbg1SZKua/+BXgZC7AOXdAHItqyNBFIerUc2uSf\nReHLZ5BNBKw9OsL9qoJsiLCmwxKrpUTzpQahu2gybZf65nza6QPOTohqqWq79EOD\nmIqOW4SQ5mVSrzMh+GB9EovMY+l5YgyHwObTUjRW+4znLU7fqNXBgwzgWoIpJdF0\nrpkjP3phOGXZWwiBhRmm5iYI08HFoBfF+EoPFN5Ucl7ZWz2uF0bQlbp3yqRoGRaO\nZWY2LzPIdP5zSq7rqXDaVnNFuKF93J4ouZZwVMXA4yf5wmQ3silIeJlvxxphlet8\noXv2pkewq9A81RGMlgMDZMvawQvPGkOVgeBm1coajN1swNY8esW7N6J1+rtDL0mI\nsulaGZCeSM9ndg5VRU2lpClFdGEUZXT2hZ8NoMV6jj48c0gZBW3M82snGD4zeRqM\ndcezqg6o22ZxpogRJuRf41Y87ktE5o73wgj0xu72MQoxK86+Ek0=\n=BeQR\n-----END PGP SIGNATURE-----\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Moderate: Migration Toolkit for Containers (MTC) 1.6.3 security and bug fix update\nAdvisory ID: RHSA-2022:0202-01\nProduct: Red Hat Migration Toolkit\nAdvisory URL: https://access.redhat.com/errata/RHSA-2022:0202\nIssue date: 2022-01-20\nCVE Names: CVE-2016-4658 CVE-2018-5727 CVE-2018-5785\n CVE-2018-20845 CVE-2018-20847 CVE-2018-25009\n CVE-2018-25010 CVE-2018-25012 CVE-2018-25013\n CVE-2018-25014 CVE-2019-5827 CVE-2019-12973\n CVE-2019-13750 CVE-2019-13751 CVE-2019-17594\n CVE-2019-17595 CVE-2019-18218 CVE-2019-19603\n CVE-2019-20838 CVE-2020-10001 CVE-2020-12762\n CVE-2020-13435 CVE-2020-13558 CVE-2020-14145\n CVE-2020-14155 CVE-2020-15389 CVE-2020-16135\n CVE-2020-17541 CVE-2020-18032 CVE-2020-24370\n CVE-2020-24870 CVE-2020-27814 CVE-2020-27823\n CVE-2020-27824 CVE-2020-27828 CVE-2020-27842\n CVE-2020-27843 CVE-2020-27845 CVE-2020-27918\n CVE-2020-29623 CVE-2020-35521 CVE-2020-35522\n CVE-2020-35523 CVE-2020-35524 CVE-2020-36241\n CVE-2020-36330 CVE-2020-36331 CVE-2020-36332\n CVE-2021-1765 CVE-2021-1788 CVE-2021-1789\n CVE-2021-1799 CVE-2021-1801 CVE-2021-1844\n CVE-2021-1870 CVE-2021-1871 CVE-2021-3200\n CVE-2021-3272 CVE-2021-3426 CVE-2021-3445\n CVE-2021-3481 CVE-2021-3572 CVE-2021-3575\n CVE-2021-3580 CVE-2021-3712 CVE-2021-3733\n CVE-2021-3778 CVE-2021-3796 CVE-2021-3800\n CVE-2021-3948 CVE-2021-20231 CVE-2021-20232\n CVE-2021-20266 CVE-2021-20271 CVE-2021-20321\n CVE-2021-21775 CVE-2021-21779 CVE-2021-21806\n CVE-2021-22876 CVE-2021-22898 CVE-2021-22925\n CVE-2021-22946 CVE-2021-22947 CVE-2021-26926\n CVE-2021-26927 CVE-2021-27645 CVE-2021-28153\n CVE-2021-28650 CVE-2021-29338 CVE-2021-30663\n CVE-2021-30665 CVE-2021-30682 CVE-2021-30689\n CVE-2021-30720 CVE-2021-30734 CVE-2021-30744\n CVE-2021-30749 CVE-2021-30758 CVE-2021-30795\n CVE-2021-30797 CVE-2021-30799 CVE-2021-31535\n CVE-2021-33560 CVE-2021-33574 CVE-2021-33928\n CVE-2021-33929 CVE-2021-33930 CVE-2021-33938\n CVE-2021-35942 CVE-2021-36084 CVE-2021-36085\n CVE-2021-36086 CVE-2021-36087 CVE-2021-37750\n CVE-2021-41617 CVE-2021-42574 CVE-2021-43527\n====================================================================\n1. Summary:\n\nThe Migration Toolkit for Containers (MTC) 1.6.3 is now available. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Description:\n\nThe Migration Toolkit for Containers (MTC) enables you to migrate\nKubernetes resources, persistent volume data, and internal container images\nbetween OpenShift Container Platform clusters, using the MTC web console or\nthe Kubernetes API. \n\nSecurity Fix(es):\n\n* mig-controller: incorrect namespaces handling may lead to not authorized\nusage of Migration Toolkit for Containers (MTC) (CVE-2021-3948)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n3. Solution:\n\nFor details on how to install and use MTC, refer to:\n\nhttps://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n2019088 - \"MigrationController\" CR displays syntax error when unquiescing applications\n2021666 - Route name longer than 63 characters causes direct volume migration to fail\n2021668 - \"MigrationController\" CR ignores the \"cluster_subdomain\" value for direct volume migration routes\n2022017 - CVE-2021-3948 mig-controller: incorrect namespaces handling may lead to not authorized usage of Migration Toolkit for Containers (MTC)\n2024966 - Manifests not used by Operator Lifecycle Manager must be removed from the MTC 1.6 Operator image\n2027196 - \"migration-controller\" pod goes into \"CrashLoopBackoff\" state if an invalid registry route is entered on the \"Clusters\" page of the web console\n2027382 - \"Copy oc describe/oc logs\" window does not close automatically after timeout\n2028841 - \"rsync-client\" container fails during direct volume migration with \"Address family not supported by protocol\" error\n2031793 - \"migration-controller\" pod goes into \"CrashLoopBackOff\" state if \"MigPlan\" CR contains an invalid \"includedResources\" resource\n2039852 - \"migration-controller\" pod goes into \"CrashLoopBackOff\" state if \"MigPlan\" CR contains an invalid \"destMigClusterRef\" or \"srcMigClusterRef\"\n\n5. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-4658\nhttps://access.redhat.com/security/cve/CVE-2018-5727\nhttps://access.redhat.com/security/cve/CVE-2018-5785\nhttps://access.redhat.com/security/cve/CVE-2018-20845\nhttps://access.redhat.com/security/cve/CVE-2018-20847\nhttps://access.redhat.com/security/cve/CVE-2018-25009\nhttps://access.redhat.com/security/cve/CVE-2018-25010\nhttps://access.redhat.com/security/cve/CVE-2018-25012\nhttps://access.redhat.com/security/cve/CVE-2018-25013\nhttps://access.redhat.com/security/cve/CVE-2018-25014\nhttps://access.redhat.com/security/cve/CVE-2019-5827\nhttps://access.redhat.com/security/cve/CVE-2019-12973\nhttps://access.redhat.com/security/cve/CVE-2019-13750\nhttps://access.redhat.com/security/cve/CVE-2019-13751\nhttps://access.redhat.com/security/cve/CVE-2019-17594\nhttps://access.redhat.com/security/cve/CVE-2019-17595\nhttps://access.redhat.com/security/cve/CVE-2019-18218\nhttps://access.redhat.com/security/cve/CVE-2019-19603\nhttps://access.redhat.com/security/cve/CVE-2019-20838\nhttps://access.redhat.com/security/cve/CVE-2020-10001\nhttps://access.redhat.com/security/cve/CVE-2020-12762\nhttps://access.redhat.com/security/cve/CVE-2020-13435\nhttps://access.redhat.com/security/cve/CVE-2020-13558\nhttps://access.redhat.com/security/cve/CVE-2020-14145\nhttps://access.redhat.com/security/cve/CVE-2020-14155\nhttps://access.redhat.com/security/cve/CVE-2020-15389\nhttps://access.redhat.com/security/cve/CVE-2020-16135\nhttps://access.redhat.com/security/cve/CVE-2020-17541\nhttps://access.redhat.com/security/cve/CVE-2020-18032\nhttps://access.redhat.com/security/cve/CVE-2020-24370\nhttps://access.redhat.com/security/cve/CVE-2020-24870\nhttps://access.redhat.com/security/cve/CVE-2020-27814\nhttps://access.redhat.com/security/cve/CVE-2020-27823\nhttps://access.redhat.com/security/cve/CVE-2020-27824\nhttps://access.redhat.com/security/cve/CVE-2020-27828\nhttps://access.redhat.com/security/cve/CVE-2020-27842\nhttps://access.redhat.com/security/cve/CVE-2020-27843\nhttps://access.redhat.com/security/cve/CVE-2020-27845\nhttps://access.redhat.com/security/cve/CVE-2020-27918\nhttps://access.redhat.com/security/cve/CVE-2020-29623\nhttps://access.redhat.com/security/cve/CVE-2020-35521\nhttps://access.redhat.com/security/cve/CVE-2020-35522\nhttps://access.redhat.com/security/cve/CVE-2020-35523\nhttps://access.redhat.com/security/cve/CVE-2020-35524\nhttps://access.redhat.com/security/cve/CVE-2020-36241\nhttps://access.redhat.com/security/cve/CVE-2020-36330\nhttps://access.redhat.com/security/cve/CVE-2020-36331\nhttps://access.redhat.com/security/cve/CVE-2020-36332\nhttps://access.redhat.com/security/cve/CVE-2021-1765\nhttps://access.redhat.com/security/cve/CVE-2021-1788\nhttps://access.redhat.com/security/cve/CVE-2021-1789\nhttps://access.redhat.com/security/cve/CVE-2021-1799\nhttps://access.redhat.com/security/cve/CVE-2021-1801\nhttps://access.redhat.com/security/cve/CVE-2021-1844\nhttps://access.redhat.com/security/cve/CVE-2021-1870\nhttps://access.redhat.com/security/cve/CVE-2021-1871\nhttps://access.redhat.com/security/cve/CVE-2021-3200\nhttps://access.redhat.com/security/cve/CVE-2021-3272\nhttps://access.redhat.com/security/cve/CVE-2021-3426\nhttps://access.redhat.com/security/cve/CVE-2021-3445\nhttps://access.redhat.com/security/cve/CVE-2021-3481\nhttps://access.redhat.com/security/cve/CVE-2021-3572\nhttps://access.redhat.com/security/cve/CVE-2021-3575\nhttps://access.redhat.com/security/cve/CVE-2021-3580\nhttps://access.redhat.com/security/cve/CVE-2021-3712\nhttps://access.redhat.com/security/cve/CVE-2021-3733\nhttps://access.redhat.com/security/cve/CVE-2021-3778\nhttps://access.redhat.com/security/cve/CVE-2021-3796\nhttps://access.redhat.com/security/cve/CVE-2021-3800\nhttps://access.redhat.com/security/cve/CVE-2021-3948\nhttps://access.redhat.com/security/cve/CVE-2021-20231\nhttps://access.redhat.com/security/cve/CVE-2021-20232\nhttps://access.redhat.com/security/cve/CVE-2021-20266\nhttps://access.redhat.com/security/cve/CVE-2021-20271\nhttps://access.redhat.com/security/cve/CVE-2021-20321\nhttps://access.redhat.com/security/cve/CVE-2021-21775\nhttps://access.redhat.com/security/cve/CVE-2021-21779\nhttps://access.redhat.com/security/cve/CVE-2021-21806\nhttps://access.redhat.com/security/cve/CVE-2021-22876\nhttps://access.redhat.com/security/cve/CVE-2021-22898\nhttps://access.redhat.com/security/cve/CVE-2021-22925\nhttps://access.redhat.com/security/cve/CVE-2021-22946\nhttps://access.redhat.com/security/cve/CVE-2021-22947\nhttps://access.redhat.com/security/cve/CVE-2021-26926\nhttps://access.redhat.com/security/cve/CVE-2021-26927\nhttps://access.redhat.com/security/cve/CVE-2021-27645\nhttps://access.redhat.com/security/cve/CVE-2021-28153\nhttps://access.redhat.com/security/cve/CVE-2021-28650\nhttps://access.redhat.com/security/cve/CVE-2021-29338\nhttps://access.redhat.com/security/cve/CVE-2021-30663\nhttps://access.redhat.com/security/cve/CVE-2021-30665\nhttps://access.redhat.com/security/cve/CVE-2021-30682\nhttps://access.redhat.com/security/cve/CVE-2021-30689\nhttps://access.redhat.com/security/cve/CVE-2021-30720\nhttps://access.redhat.com/security/cve/CVE-2021-30734\nhttps://access.redhat.com/security/cve/CVE-2021-30744\nhttps://access.redhat.com/security/cve/CVE-2021-30749\nhttps://access.redhat.com/security/cve/CVE-2021-30758\nhttps://access.redhat.com/security/cve/CVE-2021-30795\nhttps://access.redhat.com/security/cve/CVE-2021-30797\nhttps://access.redhat.com/security/cve/CVE-2021-30799\nhttps://access.redhat.com/security/cve/CVE-2021-31535\nhttps://access.redhat.com/security/cve/CVE-2021-33560\nhttps://access.redhat.com/security/cve/CVE-2021-33574\nhttps://access.redhat.com/security/cve/CVE-2021-33928\nhttps://access.redhat.com/security/cve/CVE-2021-33929\nhttps://access.redhat.com/security/cve/CVE-2021-33930\nhttps://access.redhat.com/security/cve/CVE-2021-33938\nhttps://access.redhat.com/security/cve/CVE-2021-35942\nhttps://access.redhat.com/security/cve/CVE-2021-36084\nhttps://access.redhat.com/security/cve/CVE-2021-36085\nhttps://access.redhat.com/security/cve/CVE-2021-36086\nhttps://access.redhat.com/security/cve/CVE-2021-36087\nhttps://access.redhat.com/security/cve/CVE-2021-37750\nhttps://access.redhat.com/security/cve/CVE-2021-41617\nhttps://access.redhat.com/security/cve/CVE-2021-42574\nhttps://access.redhat.com/security/cve/CVE-2021-43527\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n6. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2022 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYelE49zjgjWX9erEAQjSRRAApKO30btZGnyA5feQQvEWah03Rb0Fdq4Z\nlZrWNkwHcj42c3dvonp8WHc6ROQoXRr9myr+EXyji3/lKDPWes4HQ0u70WM2v2RE\nqLqCnv6fT0/kJ0/liAsVlzyBsjBzf19Q8KT2cN/GslvfaFEPg3AqtEXVx51glDfB\nD9c3BSCdA5OBzmVW/7Em18Gtg197tl1lhfRZrd0xOmJm9uiZcbgAr77FCgYel9OS\npjcemaheHSJ48dhp+r1D7FSRhCo7/OBcB/DM1jAqWKiT6LmiBE4zJ3HtepCMVDKJ\nSUDpn2vW29jQBhb+pTI8lSyPO0u2qqsF5qMnIYfCj2tigaW5AdevVZvBftd1d+9j\nAGdcOaPyKzqrp3sq2/oCe1o1KqUGMFXOAEbITK+7KagACKbA9UoF9VHgALZFzUMm\niNXoQh/zpWwSWkp4YWukz2nTqcgJEL40w6loShfU5jKSDcz9J5jekYWTPTVAZrOm\n4fxUhijdK+sqQEifhtPfSoxm1JSIScGcSry4qwbfJ87RJInYbINMjci/CwMaYDDu\nD/oowaQZdpWT8X080arwo7utlnczQ/d9nzEWvpPSkUXELBfOdyQy4X2j/L+n2Tt5\n8H3Gpjj/VksCUzwv5aVtRCcgI+mJnVpET0MRMS+HMf1o8T8yetJTYunwWEyKNYJv\nkUeopBhYilY\u001cZl\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nAlternatively, on your watch, select \"My Watch \u003e General \u003e About\". \nCVE-2021-30661: yangkang (@dnpushme)\u0026zerokeeper\u0026bianliang of 360 ATA\n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom https://www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4945-1 security@debian.org\nhttps://www.debian.org/security/ Alberto Garcia\nJuly 28, 2021 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : webkit2gtk\nCVE ID : CVE-2021-21775 CVE-2021-21779 CVE-2021-30663 CVE-2021-30665\n CVE-2021-30689 CVE-2021-30720 CVE-2021-30734 CVE-2021-30744\n CVE-2021-30749 CVE-2021-30758 CVE-2021-30795 CVE-2021-30797\n CVE-2021-30799\n\nThe following vulnerabilities have been discovered in the webkit2gtk\nweb engine:\n\nCVE-2021-21775\n\n Marcin Towalski discovered that a specially crafted web page can\n lead to a potential information leak and further memory\n corruption. In order to trigger the vulnerability, a victim must\n be tricked into visiting a malicious webpage. \n\nCVE-2021-21779\n\n Marcin Towalski discovered that a specially crafted web page can\n lead to a potential information leak and further memory\n corruption. In order to trigger the vulnerability, a victim must\n be tricked into visiting a malicious webpage. \n\nCVE-2021-30720\n\n David Schutz discovered that a malicious website may be able to\n access restricted ports on arbitrary servers. \n\nFor the stable distribution (buster), these problems have been fixed in\nversion 2.32.3-1~deb10u1. \n\nWe recommend that you upgrade your webkit2gtk packages",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-30665"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-013501"
},
{
"db": "VULHUB",
"id": "VHN-390398"
},
{
"db": "VULMON",
"id": "CVE-2021-30665"
},
{
"db": "PACKETSTORM",
"id": "162825"
},
{
"db": "PACKETSTORM",
"id": "165631"
},
{
"db": "PACKETSTORM",
"id": "162448"
},
{
"db": "PACKETSTORM",
"id": "162452"
},
{
"db": "PACKETSTORM",
"id": "162449"
},
{
"db": "PACKETSTORM",
"id": "162447"
},
{
"db": "PACKETSTORM",
"id": "169087"
}
],
"trust": 2.43
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-390398",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-390398"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-30665",
"trust": 4.1
},
{
"db": "PACKETSTORM",
"id": "162825",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "162447",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-013501",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "165794",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "164872",
"trust": 0.7
},
{
"db": "CS-HELP",
"id": "SB2021072711",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021050503",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021072919",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021080506",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021052503",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1795",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.0245",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2563",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.3779",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2787",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2622",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1501",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202105-060",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "162449",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "162452",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "162448",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-390398",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2021-30665",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165631",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169087",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-390398"
},
{
"db": "VULMON",
"id": "CVE-2021-30665"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-013501"
},
{
"db": "PACKETSTORM",
"id": "162825"
},
{
"db": "PACKETSTORM",
"id": "165631"
},
{
"db": "PACKETSTORM",
"id": "162448"
},
{
"db": "PACKETSTORM",
"id": "162452"
},
{
"db": "PACKETSTORM",
"id": "162449"
},
{
"db": "PACKETSTORM",
"id": "162447"
},
{
"db": "PACKETSTORM",
"id": "169087"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-060"
},
{
"db": "NVD",
"id": "CVE-2021-30665"
}
]
},
"id": "VAR-202109-1315",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-390398"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T20:38:26.600000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT212341 Apple\u00a0 Security update",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht212335"
},
{
"title": "Apple Safari Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=149091"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/apple/apple-fixes-2-ios-zero-day-vulnerabilities-actively-used-in-attacks/"
},
{
"title": null,
"trust": 0.1,
"url": "https://www.theregister.co.uk/2021/05/04/in_brief_security/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-30665"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-013501"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-060"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
},
{
"problemtype": "Out-of-bounds writing (CWE-787) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-390398"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-013501"
},
{
"db": "NVD",
"id": "CVE-2021-30665"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30665"
},
{
"trust": 1.7,
"url": "https://support.apple.com/en-us/ht212335"
},
{
"trust": 1.7,
"url": "https://support.apple.com/en-us/ht212336"
},
{
"trust": 1.7,
"url": "https://support.apple.com/en-us/ht212339"
},
{
"trust": 1.7,
"url": "https://support.apple.com/en-us/ht212341"
},
{
"trust": 1.7,
"url": "https://support.apple.com/en-us/ht212532"
},
{
"trust": 0.8,
"url": "https://cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2021-30665"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0245"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021080506"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/apple-macos-two-vulnerabilities-via-webkit-35223"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021052503"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/162825/apple-security-advisory-2021-05-25-7.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/162447/apple-security-advisory-2021-05-03-2.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021072711"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.3779"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1501"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2622"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2787"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/164872/red-hat-security-advisory-2021-4381-05.html"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/webkitgtk-multiple-vulnerabilities-36009"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1795"
},
{
"trust": 0.6,
"url": "https://support.apple.com/en-us/ht212340"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2563"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021050503"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021072919"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/165794/gentoo-linux-security-advisory-202202-01.html"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30663"
},
{
"trust": 0.5,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.5,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30744"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-21779"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30689"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30749"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30720"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30734"
},
{
"trust": 0.2,
"url": "https://www.apple.com/itunes/"
},
{
"trust": 0.1,
"url": "http://seclists.org/fulldisclosure/2021/may/7"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30715"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30740"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30705"
},
{
"trust": 0.1,
"url": "https://support.apple.com/ht212532."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30710"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30697"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30685"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30737"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30704"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30736"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30707"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30686"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30687"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30677"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30727"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30724"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30700"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30682"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30701"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-16135"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3200"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-25013"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-37750"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-25012"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-27823"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-35522"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5827"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3733"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-1870"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-35524"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3575"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-30758"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-25013"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-13558"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-15389"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-25009"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-33938"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-27645"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-33574"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-5727"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-13435"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-5827"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-33929"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-24370"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-43527"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14145"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5785"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-41617"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-12973"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-30689"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20847"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-30682"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-13751"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-33928"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10001"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-25014"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-22946"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-19603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14145"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-25012"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-35521"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-35942"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-17594"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-18032"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3572"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-1801"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12762"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-36086"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3778"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13750"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13751"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-33930"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-1765"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2016-4658"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-22898"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12762"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-20845"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-16135"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-26927"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-36084"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-20847"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-17541"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3800"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17594"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-36087"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-27918"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36331"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3712"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-30749"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-30795"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-5785"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-1788"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-31535"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5727"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-30744"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3445"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19603"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-21775"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-21806"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-22925"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-27814"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36330"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-18218"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36241"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-30797"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20232"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4658"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13558"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20266"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20321"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-20838"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-22876"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-27842"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20231"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36332"
},
{
"trust": 0.1,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14155"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-1799"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-25010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20838"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-21779"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10001"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-29623"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20271"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3948"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-22947"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-25014"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-27828"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-36085"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-12973"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20845"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-33560"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-17595"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-1844"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3481"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-42574"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14155"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-25009"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-1871"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-25010"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-29338"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-30734"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-35523"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-28153"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-26926"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-13750"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-30720"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3426"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-18218"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-28650"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3580"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-27843"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-24870"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3796"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17595"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-27845"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-1789"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-30663"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-30799"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3272"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:0202"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-15389"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-27824"
},
{
"trust": 0.1,
"url": "https://support.apple.com/ht212336."
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht204641"
},
{
"trust": 0.1,
"url": "https://support.apple.com/ht212339."
},
{
"trust": 0.1,
"url": "https://support.apple.com/downloads/"
},
{
"trust": 0.1,
"url": "https://support.apple.com/ht212335."
},
{
"trust": 0.1,
"url": "https://support.apple.com/ht212341."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30661"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30666"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30758"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30795"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-21775"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/webkit2gtk"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30797"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-30799"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-390398"
},
{
"db": "VULMON",
"id": "CVE-2021-30665"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-013501"
},
{
"db": "PACKETSTORM",
"id": "162825"
},
{
"db": "PACKETSTORM",
"id": "165631"
},
{
"db": "PACKETSTORM",
"id": "162448"
},
{
"db": "PACKETSTORM",
"id": "162452"
},
{
"db": "PACKETSTORM",
"id": "162449"
},
{
"db": "PACKETSTORM",
"id": "162447"
},
{
"db": "PACKETSTORM",
"id": "169087"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-060"
},
{
"db": "NVD",
"id": "CVE-2021-30665"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-390398"
},
{
"db": "VULMON",
"id": "CVE-2021-30665"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-013501"
},
{
"db": "PACKETSTORM",
"id": "162825"
},
{
"db": "PACKETSTORM",
"id": "165631"
},
{
"db": "PACKETSTORM",
"id": "162448"
},
{
"db": "PACKETSTORM",
"id": "162452"
},
{
"db": "PACKETSTORM",
"id": "162449"
},
{
"db": "PACKETSTORM",
"id": "162447"
},
{
"db": "PACKETSTORM",
"id": "169087"
},
{
"db": "CNNVD",
"id": "CNNVD-202105-060"
},
{
"db": "NVD",
"id": "CVE-2021-30665"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-09-08T00:00:00",
"db": "VULHUB",
"id": "VHN-390398"
},
{
"date": "2022-09-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-013501"
},
{
"date": "2021-05-26T17:50:13",
"db": "PACKETSTORM",
"id": "162825"
},
{
"date": "2022-01-20T17:48:29",
"db": "PACKETSTORM",
"id": "165631"
},
{
"date": "2021-05-04T16:23:46",
"db": "PACKETSTORM",
"id": "162448"
},
{
"date": "2021-05-04T19:16:10",
"db": "PACKETSTORM",
"id": "162452"
},
{
"date": "2021-05-04T16:23:57",
"db": "PACKETSTORM",
"id": "162449"
},
{
"date": "2021-05-04T16:23:31",
"db": "PACKETSTORM",
"id": "162447"
},
{
"date": "2021-07-28T19:12:00",
"db": "PACKETSTORM",
"id": "169087"
},
{
"date": "2021-05-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-060"
},
{
"date": "2021-09-08T15:15:13.507000",
"db": "NVD",
"id": "CVE-2021-30665"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-03T00:00:00",
"db": "VULHUB",
"id": "VHN-390398"
},
{
"date": "2024-05-31T06:13:00",
"db": "JVNDB",
"id": "JVNDB-2021-013501"
},
{
"date": "2022-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202105-060"
},
{
"date": "2024-05-16T01:00:02.197000",
"db": "NVD",
"id": "CVE-2021-30665"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-060"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Apple\u00a0 Out-of-bounds write vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-013501"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202105-060"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.