CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-30870
https://notcve.org/view.php?id=CVE-2021-30870
A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15. Previewing an html file attached to a note may unexpectedly contact remote servers. Se presentó un problema lógico en el manejo de las cargas de documentos. • https://support.apple.com/en-us/HT212814 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-30867
https://notcve.org/view.php?id=CVE-2021-30867
The issue was addressed with improved authentication. This issue is fixed in iOS 15 and iPadOS 15. A malicious application may be able to access photo metadata without needing permission to access photos. El problema se abordó con una autenticación mejorada. Este problema se corrigió en iOS versión 15 y iPadOS versión 15. • https://support.apple.com/en-us/HT212814 https://support.apple.com/kb/HT212869 • CWE-287: Improper Authentication •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-30866
https://notcve.org/view.php?id=CVE-2021-30866
A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A device may be passively tracked by its WiFi MAC address. Se abordó un problema de privacidad del usuario al remover la dirección MAC de difusión. Este problema se corrigió en tvOS versión 15, watchOS versión 8, iOS versión 15 y iPadOS versión 15. • https://support.apple.com/en-us/HT212814 https://support.apple.com/en-us/HT212815 https://support.apple.com/en-us/HT212819 https://support.apple.com/kb/HT212869 •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-30863
https://notcve.org/view.php?id=CVE-2021-30863
This issue was addressed by improving Face ID anti-spoofing models. This issue is fixed in iOS 15 and iPadOS 15. A 3D model constructed to look like the enrolled user may be able to authenticate via Face ID. Este problema se abordó con los modelos anti-spoofing de Face ID mejorados. Este problema se corrigió en iOS versión 15 y iPadOS versión 15. • https://support.apple.com/en-us/HT212814 •
CVSS: 7.6EPSS: 0%CPEs: 13EXPL: 0CVE-2021-30857
https://notcve.org/view.php?id=CVE-2021-30857
A race condition was addressed with improved locking. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, watchOS 8, macOS Big Sur 11.6. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó una condición de carrera con un bloqueo mejorado. Este problema se corrigió en Security Update 2021-005 Catalina, iOS versión 14.8 y iPadOS versión 14.8, tvOS versión 15, iOS versión 15 y iPadOS versión 15, watchOS versión 8, macOS Big Sur versión 11.6. • https://support.apple.com/en-us/HT212804 https://support.apple.com/en-us/HT212805 https://support.apple.com/en-us/HT212807 https://support.apple.com/en-us/HT212814 https://support.apple.com/en-us/HT212815 https://support.apple.com/en-us/HT212819 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •