CVE-2021-30928

A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6, watchOS 8, tvOS 15, iOS 14.8 and iPadOS 14.8, iOS 15 and iPadOS 15. Processing a maliciously crafted image may lead to arbitrary code execution.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:apple:icloud:13.0:*:*:*:*:windows:*:*

History

07 Nov 2023, 03:33

Type Values Removed Values Added
References (MISC) https://support.apple.com/en-us/HT212814 - Vendor Advisory () https://support.apple.com/en-us/HT212814 -
References (MISC) https://support.apple.com/en-us/HT212819 - Vendor Advisory () https://support.apple.com/en-us/HT212819 -
References (CONFIRM) https://support.apple.com/kb/HT212953 - Vendor Advisory () https://support.apple.com/kb/HT212953 -
References (MISC) https://support.apple.com/en-us/HT212804 - Vendor Advisory () https://support.apple.com/en-us/HT212804 -
References (MISC) https://support.apple.com/en-us/HT212815 - Vendor Advisory () https://support.apple.com/en-us/HT212815 -
References (MISC) https://support.apple.com/en-us/HT212807 - Vendor Advisory () https://support.apple.com/en-us/HT212807 -

11 Oct 2022, 20:29

Type Values Removed Values Added
First Time Apple icloud
References (CONFIRM) https://support.apple.com/kb/HT212953 - (CONFIRM) https://support.apple.com/kb/HT212953 - Vendor Advisory
CPE cpe:2.3:a:apple:icloud:13.0:*:*:*:*:windows:*:*

26 May 2022, 03:15

Type Values Removed Values Added
References
  • (CONFIRM) https://support.apple.com/kb/HT212953 -

24 Mar 2022, 19:31

Type Values Removed Values Added
References (MISC) https://support.apple.com/en-us/HT212815 - (MISC) https://support.apple.com/en-us/HT212815 - Vendor Advisory
References (MISC) https://support.apple.com/en-us/HT212804 - (MISC) https://support.apple.com/en-us/HT212804 - Vendor Advisory
References (MISC) https://support.apple.com/en-us/HT212819 - (MISC) https://support.apple.com/en-us/HT212819 - Vendor Advisory
References (MISC) https://support.apple.com/en-us/HT212814 - (MISC) https://support.apple.com/en-us/HT212814 - Vendor Advisory
References (MISC) https://support.apple.com/en-us/HT212807 - (MISC) https://support.apple.com/en-us/HT212807 - Vendor Advisory
First Time Apple watchos
Apple ipados
Apple macos
Apple tvos
Apple
Apple iphone Os
CWE CWE-787
CVSS v2 : unknown
v3 : unknown
v2 : 6.8
v3 : 7.8
CPE cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

23 Mar 2022, 20:15

Type Values Removed Values Added
References
  • (MISC) https://support.apple.com/en-us/HT212815 -
  • (MISC) https://support.apple.com/en-us/HT212804 -
  • (MISC) https://support.apple.com/en-us/HT212814 -
  • (MISC) https://support.apple.com/en-us/HT212807 -
  • (MISC) https://support.apple.com/en-us/HT212819 -
Summary ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by the CVE program. Notes: none. A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6, watchOS 8, tvOS 15, iOS 14.8 and iPadOS 14.8, iOS 15 and iPadOS 15. Processing a maliciously crafted image may lead to arbitrary code execution.

24 Aug 2021, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2021-08-24 19:15

Updated : 2023-12-10 13:55


NVD link : CVE-2021-30928

Mitre link : CVE-2021-30928

CVE.ORG link : CVE-2021-30928


JSON object : View

Products Affected

apple

  • macos
  • iphone_os
  • tvos
  • ipados
  • icloud
  • watchos
CWE
CWE-787

Out-of-bounds Write