{"containers": {"cna": {"affected": [{"product": "watchOS", "vendor": "Apple", "versions": [{"lessThan": "8.3", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "iOS and iPadOS", "vendor": "Apple", "versions": [{"lessThan": "15.2", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "macOS", "vendor": "Apple", "versions": [{"lessThan": "12.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "macOS", "vendor": "Apple", "versions": [{"lessThan": "15.2", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "macOS", "vendor": "Apple", "versions": [{"lessThan": "15.2", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution."}], "problemTypes": [{"descriptions": [{"description": "Processing maliciously crafted web content may lead to arbitrary code execution", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-02-06T03:06:35.000Z", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/en-us/HT212975"}, {"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/en-us/HT212976"}, {"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/en-us/HT212978"}, {"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/en-us/HT212980"}, {"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/en-us/HT212982"}, {"name": "[oss-security] 20220121 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0001", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2022/01/21/2"}, {"name": "FEDORA-2022-25a98f5d55", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EQVZ3CEMTINLBZ7PBC7WRXVEVCRHNSM/"}, {"name": "DSA-5061", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2022/dsa-5061"}, {"name": "DSA-5060", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2022/dsa-5060"}, {"name": "FEDORA-2022-f7366e60cb", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQKWD4BXRDD2YGR5AVU7H5J5PIQIEU6V/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "product-security@apple.com", "ID": "CVE-2021-30952", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "8.3"}]}}, {"product_name": "iOS and iPadOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.2"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.1"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.2"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "15.2"}]}}]}, "vendor_name": "Apple"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Processing maliciously crafted web content may lead to arbitrary code execution"}]}]}, "references": {"reference_data": [{"name": "https://support.apple.com/en-us/HT212975", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212975"}, {"name": "https://support.apple.com/en-us/HT212976", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212976"}, {"name": "https://support.apple.com/en-us/HT212978", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212978"}, {"name": "https://support.apple.com/en-us/HT212980", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212980"}, {"name": "https://support.apple.com/en-us/HT212982", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212982"}, {"name": "[oss-security] 20220121 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0001", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/01/21/2"}, {"name": "FEDORA-2022-25a98f5d55", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EQVZ3CEMTINLBZ7PBC7WRXVEVCRHNSM/"}, {"name": "DSA-5061", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2022/dsa-5061"}, {"name": "DSA-5060", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2022/dsa-5060"}, {"name": "FEDORA-2022-f7366e60cb", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HQKWD4BXRDD2YGR5AVU7H5J5PIQIEU6V/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T22:48:14.237Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/en-us/HT212975"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/en-us/HT212976"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/en-us/HT212978"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/en-us/HT212980"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/en-us/HT212982"}, {"name": "[oss-security] 20220121 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0001", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2022/01/21/2"}, {"name": "FEDORA-2022-25a98f5d55", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EQVZ3CEMTINLBZ7PBC7WRXVEVCRHNSM/"}, {"name": "DSA-5061", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2022/dsa-5061"}, {"name": "DSA-5060", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2022/dsa-5060"}, {"name": "FEDORA-2022-f7366e60cb", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQKWD4BXRDD2YGR5AVU7H5J5PIQIEU6V/"}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-190", "lang": "en", "description": "CWE-190 Integer Overflow or Wraparound"}]}], "references": [{"url": "https://cloud.google.com/blog/topics/threat-intelligence/coruna-powerful-ios-exploit-kit", "tags": ["third-party-advisory"]}, {"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-30952", "tags": ["government-resource"]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-05T00:00:00+00:00", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2021-30952"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2026-03-05", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-30952"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-06T05:01:17.601Z"}, "timeline": [{"time": "2026-03-05T00:00:00.000Z", "lang": "en", "value": "CVE-2021-30952 added to CISA KEV"}]}]}, "cveMetadata": {"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2021-30952", "datePublished": "2021-08-24T18:50:52.000Z", "dateReserved": "2021-04-13T00:00:00.000Z", "dateUpdated": "2026-03-06T05:01:17.601Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://support.apple.com/en-us/HT212975", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://support.apple.com/en-us/HT212976", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://support.apple.com/en-us/HT212978", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://support.apple.com/en-us/HT212980", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://support.apple.com/en-us/HT212982", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2022/01/21/2", "name": "[oss-security] 20220121 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0001", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EQVZ3CEMTINLBZ7PBC7WRXVEVCRHNSM/", "name": "FEDORA-2022-25a98f5d55", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"]}, {"url": "https://www.debian.org/security/2022/dsa-5061", "name": "DSA-5061", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"]}, {"url": "https://www.debian.org/security/2022/dsa-5060", "name": "DSA-5060", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQKWD4BXRDD2YGR5AVU7H5J5PIQIEU6V/", "name": "FEDORA-2022-f7366e60cb", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T22:48:14.237Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2021-30952", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-05T19:17:22.802935Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2026-03-05", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-30952"}}}], "references": [{"url": "https://cloud.google.com/blog/topics/threat-intelligence/coruna-powerful-ios-exploit-kit", "tags": ["third-party-advisory"]}, {"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-30952", "tags": ["government-resource"]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-190", "description": "CWE-190 Integer Overflow or Wraparound"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-05T16:43:46.112Z"}, "timeline": [{"lang": "en", "time": "2026-03-05T00:00:00.000Z", "value": "CVE-2021-30952 added to CISA KEV"}]}], "cna": {"affected": [{"vendor": "Apple", "product": "watchOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "8.3", "versionType": "custom"}]}, {"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "15.2", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "12.1", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "15.2", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "15.2", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/HT212975", "tags": ["x_refsource_MISC"]}, {"url": "https://support.apple.com/en-us/HT212976", "tags": ["x_refsource_MISC"]}, {"url": "https://support.apple.com/en-us/HT212978", "tags": ["x_refsource_MISC"]}, {"url": "https://support.apple.com/en-us/HT212980", "tags": ["x_refsource_MISC"]}, {"url": "https://support.apple.com/en-us/HT212982", "tags": ["x_refsource_MISC"]}, {"url": "http://www.openwall.com/lists/oss-security/2022/01/21/2", "name": "[oss-security] 20220121 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0001", "tags": ["mailing-list", "x_refsource_MLIST"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EQVZ3CEMTINLBZ7PBC7WRXVEVCRHNSM/", "name": "FEDORA-2022-25a98f5d55", "tags": ["vendor-advisory", "x_refsource_FEDORA"]}, {"url": "https://www.debian.org/security/2022/dsa-5061", "name": "DSA-5061", "tags": ["vendor-advisory", "x_refsource_DEBIAN"]}, {"url": "https://www.debian.org/security/2022/dsa-5060", "name": "DSA-5060", "tags": ["vendor-advisory", "x_refsource_DEBIAN"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQKWD4BXRDD2YGR5AVU7H5J5PIQIEU6V/", "name": "FEDORA-2022-f7366e60cb", "tags": ["vendor-advisory", "x_refsource_FEDORA"]}], "descriptions": [{"lang": "en", "value": "An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Processing maliciously crafted web content may lead to arbitrary code execution"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2022-02-06T03:06:35.000Z"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "8.3", "version_affected": "<"}]}, "product_name": "watchOS"}, {"version": {"version_data": [{"version_value": "15.2", "version_affected": "<"}]}, "product_name": "iOS and iPadOS"}, {"version": {"version_data": [{"version_value": "12.1", "version_affected": "<"}]}, "product_name": "macOS"}, {"version": {"version_data": [{"version_value": "15.2", "version_affected": "<"}]}, "product_name": "macOS"}, {"version": {"version_data": [{"version_value": "15.2", "version_affected": "<"}]}, "product_name": "macOS"}]}, "vendor_name": "Apple"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://support.apple.com/en-us/HT212975", "name": "https://support.apple.com/en-us/HT212975", "refsource": "MISC"}, {"url": "https://support.apple.com/en-us/HT212976", "name": "https://support.apple.com/en-us/HT212976", "refsource": "MISC"}, {"url": "https://support.apple.com/en-us/HT212978", "name": "https://support.apple.com/en-us/HT212978", "refsource": "MISC"}, {"url": "https://support.apple.com/en-us/HT212980", "name": "https://support.apple.com/en-us/HT212980", "refsource": "MISC"}, {"url": "https://support.apple.com/en-us/HT212982", "name": "https://support.apple.com/en-us/HT212982", "refsource": "MISC"}, {"url": "http://www.openwall.com/lists/oss-security/2022/01/21/2", "name": "[oss-security] 20220121 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0001", "refsource": "MLIST"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EQVZ3CEMTINLBZ7PBC7WRXVEVCRHNSM/", "name": "FEDORA-2022-25a98f5d55", "refsource": "FEDORA"}, {"url": "https://www.debian.org/security/2022/dsa-5061", "name": "DSA-5061", "refsource": "DEBIAN"}, {"url": "https://www.debian.org/security/2022/dsa-5060", "name": "DSA-5060", "refsource": "DEBIAN"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HQKWD4BXRDD2YGR5AVU7H5J5PIQIEU6V/", "name": "FEDORA-2022-f7366e60cb", "refsource": "FEDORA"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Processing maliciously crafted web content may lead to arbitrary code execution"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-30952", "STATE": "PUBLIC", "ASSIGNER": "product-security@apple.com"}}}}, "cveMetadata": {"cveId": "CVE-2021-30952", "state": "PUBLISHED", "dateUpdated": "2026-03-06T05:01:17.601Z", "dateReserved": "2021-04-13T00:00:00.000Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2021-08-24T18:50:52.000Z", "assignerShortName": "apple"}, "dataVersion": "5.2"}

{"cisaActionDue": "2026-03-26", "cisaExploitAdd": "2026-03-05", "cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "Apple Multiple Products Integer Overflow or Wraparound Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "7B60AA98-68B6-4770-884B-36AE7826E729", "versionEndExcluding": "15.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "matchCriteriaId": "CCE4E546-A0DD-4E9E-A6B9-C19B04D77466", "versionEndExcluding": "15.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "7FB904C1-43D1-4583-8729-5D1B1746A54C", "versionEndExcluding": "15.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "CA118623-E817-42AA-AB39-6239B1284192", "versionEndExcluding": "12.1", "versionStartIncluding": "12.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "matchCriteriaId": "16CAE2FB-FADC-4BF4-9115-D20D365051BF", "versionEndExcluding": "15.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "matchCriteriaId": "7A7245FB-6FBE-4C09-80F5-18504CA623B3", "versionEndExcluding": "8.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:*", "matchCriteriaId": "0529EBF6-4F6C-47D5-AD9A-C91C0B4EBC2F", "versionEndExcluding": "2.34.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:wpewebkit:wpe_webkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "7FBA5321-1F37-45EF-8DB4-DAE5D1C874B9", "versionEndExcluding": "2.34.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution."}, {"lang": "es", "value": "Se abord\u00f3 un desbordamiento de enteros con una comprobaci\u00f3n de entrada mejorada.&#xa0;Este problema es corregido en tvOS versi\u00f3n 15.2, macOS Monterey versi\u00f3n 12.1, Safari versi\u00f3n 15.2, iOS versi\u00f3n 15.2 e iPadOS versi\u00f3n 15.2, watchOS versi\u00f3n 8.3.&#xa0;El procesamiento de contenido web creado con fines maliciosos puede conllevar a una ejecuci\u00f3n de c\u00f3digo arbitrario"}], "id": "CVE-2021-30952", "lastModified": "2026-03-06T13:44:17.940", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2021-08-24T19:15:21.777", "references": [{"source": "product-security@apple.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/01/21/2"}, {"source": "product-security@apple.com", "tags": ["Broken Link"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EQVZ3CEMTINLBZ7PBC7WRXVEVCRHNSM/"}, {"source": "product-security@apple.com", "tags": ["Broken Link"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQKWD4BXRDD2YGR5AVU7H5J5PIQIEU6V/"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT212975"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT212976"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT212978"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT212980"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT212982"}, {"source": "product-security@apple.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://www.debian.org/security/2022/dsa-5060"}, {"source": "product-security@apple.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://www.debian.org/security/2022/dsa-5061"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/01/21/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EQVZ3CEMTINLBZ7PBC7WRXVEVCRHNSM/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQKWD4BXRDD2YGR5AVU7H5J5PIQIEU6V/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT212975"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT212976"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT212978"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT212980"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT212982"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://www.debian.org/security/2022/dsa-5060"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://www.debian.org/security/2022/dsa-5061"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Third Party Advisory"], "url": "https://cloud.google.com/blog/topics/threat-intelligence/coruna-powerful-ios-exploit-kit"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["US Government Resource"], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-30952"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-190"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2025:10364", "cpe": "cpe:/o:redhat:rhel_els:7", "package": "webkitgtk4-0:2.48.3-2.el7_9", "product_name": "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2022:1777", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "webkit2gtk3-0:2.34.6-1.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-05-10T00:00:00Z"}], "bugzilla": {"description": "webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution", "id": "2044538", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044538"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-190", "details": ["An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.", "A flaw was found in webkitgtk. The vulnerability occurs due to improper input validation, which can lead to an integer overflow. An attacker with network access could pass specially crafted web content files causing an application to halt, crash, or may lead to arbitrary code execution."], "name": "CVE-2021-30952", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "webkitgtk", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "webkitgtk3", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "webkit2gtk3", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2022-01-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-30952\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-30952\nhttps://webkitgtk.org/security/WSA-2022-0001.html"], "threat_severity": "Moderate"}

{}