mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-06-07 13:36:56 +00:00
175 lines
5.3 KiB
JSON
175 lines
5.3 KiB
JSON
|
{
|
||
|
|
"id": "CVE-2021-30809",
|
||
|
|
"sourceIdentifier": "product-security@apple.com",
|
||
|
|
"published": "2021-10-28T19:15:08.767",
|
||
|
|
"lastModified": "2021-12-21T20:05:30.197",
|
||
|
|
"vulnStatus": "Analyzed",
|
||
|
|
"descriptions": [
|
||
|
|
{
|
||
|
|
"lang": "en",
|
||
|
|
"value": "A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution."
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"lang": "es",
|
||
|
|
"value": "Se abord\u00f3 un problema de uso de memoria previamente liberada con una administraci\u00f3n de la memoria mejorada. Este problema se corrigi\u00f3 en Safari versi\u00f3n 15, tvOS versi\u00f3n 15, watchOS versi\u00f3n 8, iOS versi\u00f3n 15 y iPadOS versi\u00f3n 15. El procesamiento de contenido web dise\u00f1ado de forma maliciosa puede conllevar a una ejecuci\u00f3n de c\u00f3digo arbitrario"
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"metrics": {
|
||
|
|
"cvssMetricV31": [
|
||
|
|
{
|
||
|
|
"source": "nvd@nist.gov",
|
||
|
|
"type": "Primary",
|
||
|
|
"cvssData": {
|
||
|
|
"version": "3.1",
|
||
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
|
|
"attackVector": "NETWORK",
|
||
|
|
"attackComplexity": "LOW",
|
||
|
|
"privilegesRequired": "NONE",
|
||
|
|
"userInteraction": "REQUIRED",
|
||
|
|
"scope": "UNCHANGED",
|
||
|
|
"confidentialityImpact": "HIGH",
|
||
|
|
"integrityImpact": "HIGH",
|
||
|
|
"availabilityImpact": "HIGH",
|
||
|
|
"baseScore": 8.8,
|
||
|
|
"baseSeverity": "HIGH"
|
||
|
|
},
|
||
|
|
"exploitabilityScore": 2.8,
|
||
|
|
"impactScore": 5.9
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"cvssMetricV2": [
|
||
|
|
{
|
||
|
|
"source": "nvd@nist.gov",
|
||
|
|
"type": "Primary",
|
||
|
|
"cvssData": {
|
||
|
|
"version": "2.0",
|
||
|
|
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
||
|
|
"accessVector": "NETWORK",
|
||
|
|
"accessComplexity": "MEDIUM",
|
||
|
|
"authentication": "NONE",
|
||
|
|
"confidentialityImpact": "PARTIAL",
|
||
|
|
"integrityImpact": "PARTIAL",
|
||
|
|
"availabilityImpact": "PARTIAL",
|
||
|
|
"baseScore": 6.8
|
||
|
|
},
|
||
|
|
"baseSeverity": "MEDIUM",
|
||
|
|
"exploitabilityScore": 8.6,
|
||
|
|
"impactScore": 6.4,
|
||
|
|
"acInsufInfo": false,
|
||
|
|
"obtainAllPrivilege": false,
|
||
|
|
"obtainUserPrivilege": false,
|
||
|
|
"obtainOtherPrivilege": false,
|
||
|
|
"userInteractionRequired": true
|
||
|
|
}
|
||
|
|
]
|
||
|
|
},
|
||
|
|
"weaknesses": [
|
||
|
|
{
|
||
|
|
"source": "nvd@nist.gov",
|
||
|
|
"type": "Primary",
|
||
|
|
"description": [
|
||
|
|
{
|
||
|
|
"lang": "en",
|
||
|
|
"value": "CWE-416"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"configurations": [
|
||
|
|
{
|
||
|
|
"nodes": [
|
||
|
|
{
|
||
|
|
"operator": "OR",
|
||
|
|
"negate": false,
|
||
|
|
"cpeMatch": [
|
||
|
|
{
|
||
|
|
"vulnerable": true,
|
||
|
|
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
|
||
|
|
"versionEndExcluding": "15.0",
|
||
|
|
"matchCriteriaId": "F80E547D-86D4-4790-8C0B-8222019C476D"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"vulnerable": true,
|
||
|
|
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
|
||
|
|
"versionEndExcluding": "15.0",
|
||
|
|
"matchCriteriaId": "090FB24C-D685-4422-A936-821B30F9655D"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"vulnerable": true,
|
||
|
|
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
|
||
|
|
"versionEndExcluding": "15.0",
|
||
|
|
"matchCriteriaId": "A5354DEB-CF04-4795-8D90-E280F0A859CA"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"vulnerable": true,
|
||
|
|
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
|
||
|
|
"versionEndExcluding": "12.0.1",
|
||
|
|
"matchCriteriaId": "579B2A0D-A84F-45C2-B545-35ECEA3297DA"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"vulnerable": true,
|
||
|
|
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
|
||
|
|
"versionEndExcluding": "15.0",
|
||
|
|
"matchCriteriaId": "B32A978E-673C-421D-93A1-CA84D90B67E4"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"vulnerable": true,
|
||
|
|
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
|
||
|
|
"versionEndExcluding": "8.0",
|
||
|
|
"matchCriteriaId": "5364285F-B3F2-465B-B738-2FC1C8913A44"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"references": [
|
||
|
|
{
|
||
|
|
"url": "http://www.openwall.com/lists/oss-security/2021/12/20/6",
|
||
|
|
"source": "product-security@apple.com",
|
||
|
|
"tags": [
|
||
|
|
"Mailing List",
|
||
|
|
"Third Party Advisory"
|
||
|
|
]
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url": "https://support.apple.com/en-us/HT212814",
|
||
|
|
"source": "product-security@apple.com",
|
||
|
|
"tags": [
|
||
|
|
"Release Notes",
|
||
|
|
"Vendor Advisory"
|
||
|
|
]
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url": "https://support.apple.com/en-us/HT212815",
|
||
|
|
"source": "product-security@apple.com",
|
||
|
|
"tags": [
|
||
|
|
"Release Notes",
|
||
|
|
"Vendor Advisory"
|
||
|
|
]
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url": "https://support.apple.com/en-us/HT212816",
|
||
|
|
"source": "product-security@apple.com",
|
||
|
|
"tags": [
|
||
|
|
"Release Notes",
|
||
|
|
"Vendor Advisory"
|
||
|
|
]
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url": "https://support.apple.com/en-us/HT212819",
|
||
|
|
"source": "product-security@apple.com",
|
||
|
|
"tags": [
|
||
|
|
"Release Notes",
|
||
|
|
"Vendor Advisory"
|
||
|
|
]
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url": "https://support.apple.com/kb/HT212869",
|
||
|
|
"source": "product-security@apple.com",
|
||
|
|
"tags": [
|
||
|
|
"Vendor Advisory"
|
||
|
|
]
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|