CVE-2021-31000
https://notcve.org/view.php?id=CVE-2021-31000
A permissions issue was addressed with improved validation. This issue is fixed in iOS 15.2 and iPadOS 15.2, watchOS 8.3, macOS Monterey 12.1, tvOS 15.2. A malicious application may be able to read sensitive contact information. Se ha solucionado un problema de permisos con una validación mejorada. Este problema se ha solucionado en iOS 15.2 y iPadOS 15.2, watchOS 8.3, macOS Monterey 12.1, tvOS 15.2. • https://support.apple.com/en-us/HT212975 https://support.apple.com/en-us/HT212976 https://support.apple.com/en-us/HT212978 https://support.apple.com/en-us/HT212980 • CWE-276: Incorrect Default Permissions •
CVE-2021-30998
https://notcve.org/view.php?id=CVE-2021-30998
A S/MIME issue existed in the handling of encrypted email. This issue was addressed with improved selection of the encryption certificate. This issue is fixed in iOS 15.2 and iPadOS 15.2. A sender's email address may be leaked when sending an S/MIME encrypted email using a certificate with more than one email address. Existía un problema de S/MIME en el manejo del correo electrónico cifrado. • https://support.apple.com/en-us/HT212976 •
CVE-2021-30997
https://notcve.org/view.php?id=CVE-2021-30997
A S/MIME issue existed in the handling of encrypted email. This issue was addressed by not automatically loading some MIME parts. This issue is fixed in iOS 15.2 and iPadOS 15.2. An attacker may be able to recover plaintext contents of an S/MIME-encrypted e-mail. Existía un problema de S/MIME en el manejo del correo electrónico cifrado. • https://support.apple.com/en-us/HT212976 • CWE-312: Cleartext Storage of Sensitive Information •
CVE-2021-30996
https://notcve.org/view.php?id=CVE-2021-30996
A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2. A malicious application may be able to execute arbitrary code with kernel privileges. Se solucionó una condición de carrera con un manejo de estado mejorado. Este problema se solucionó en macOS Monterey versión 12.1, iOS versión 15.2 e iPadOS versión 15.2. • https://support.apple.com/en-us/HT212976 https://support.apple.com/en-us/HT212978 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2021-30995 – Apple macOS fclonefileat Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-30995
A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to elevate privileges. Se solucionó una condición de carrera con un manejo de estado mejorado. Este problema se solucionó en macOS Big Sur versión 11.6.2, tvOS versión 15.2, macOS Monterey versión 12.1, actualización de seguridad 2021-008 Catalina, iOS versión 15.2 e iPadOS versión 15.2, watchOS versión 8.3. • https://support.apple.com/en-us/HT212975 https://support.apple.com/en-us/HT212976 https://support.apple.com/en-us/HT212978 https://support.apple.com/en-us/HT212979 https://support.apple.com/en-us/HT212980 https://support.apple.com/en-us/HT212981 https://www.zerodayinitiative.com/advisories/ZDI-22-360 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •