CVE-2021-30818

Sažetak

A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution.

Reference

https://support.apple.com/en-us/HT212819
https://support.apple.com/en-us/HT212807
https://support.apple.com/en-us/HT212815
https://support.apple.com/en-us/HT212816
https://support.apple.com/en-us/HT212814
https://support.apple.com/kb/HT212869
http://www.openwall.com/lists/oss-security/2021/12/20/6

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

21-12-2021 - 19:48

Objavljeno

28-10-2021 - 19:15