CVE-2021-30951

moderate-risk

Published 2021-08-24

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

Do I need to act?

0.89% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.8/10 High

NETWORK / LOW complexity

Affected Products (10)

Safari

Ipados

Iphone Os

Macos

Tvos

Watchos

Fedora

Debian Linux

Fedora

Affected Vendors

Debian Apple Fedoraproject

References (20)

http://www.openwall.com/lists/oss-security/2022/01/21/2

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro...

https://support.apple.com/en-us/HT212975

https://support.apple.com/en-us/HT212976

https://support.apple.com/en-us/HT212978

https://support.apple.com/en-us/HT212980

https://support.apple.com/en-us/HT212982

https://www.debian.org/security/2022/dsa-5060

https://www.debian.org/security/2022/dsa-5061