CVE-2021-30662 – Apple macOS ImageIO TIFF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-30662
This issue was addressed with improved checks. This issue is fixed in iOS 14.5 and iPadOS 14.5. Processing a maliciously crafted file may lead to arbitrary code execution. Se abordó este problema con comprobaciones mejoradas. Este problema es corregido en iOS versión 14.5 y iPadOS versión 14.5. • https://support.apple.com/en-us/HT212317 •
CVE-2021-30764 – Apple macOS ImageIO WEBP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-30764
Processing a maliciously crafted file may lead to arbitrary code execution. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. This issue was addressed with improved checks. El procesamiento de un archivo diseñado maliciosamente puede conllevar a una ejecución de código arbitrario. Este problema se corrigió en iOS versión 14.5 e iPadOS versión 14.5, watchOS versión 7.4, tvOS versión 14.5. • https://support.apple.com/en-us/HT212317 https://support.apple.com/en-us/HT212323 https://support.apple.com/en-us/HT212324 •
CVE-2021-36976
https://notcve.org/view.php?id=CVE-2021-36976
libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block). libarchive versiones 3.4.1 hasta 3.5.1, presenta un uso de memoria previamente liberada en la función copy_string (llamado desde do_uncompress_block y process_block) • http://seclists.org/fulldisclosure/2022/Mar/27 http://seclists.org/fulldisclosure/2022/Mar/28 http://seclists.org/fulldisclosure/2022/Mar/29 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32375 https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libarchive/OSV-2021-557.yaml https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SE5NJQNM22ZE5Z55LPAGCUHSBQZBKMKC https://security.gentoo.org/glsa/202208-26 https://support.apple.com/kb/HT213182 • CWE-416: Use After Free •
CVE-2021-30723 – Apple macOS ModelIO USD Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-30723
An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents. Se abordó un problema de divulgación de información con una administración de estado mejorada. Este problema se corrigió en macOS Big Sur versión 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS versión 14.6 e iPadOS versión 14.6. • https://support.apple.com/en-us/HT212528 https://support.apple.com/en-us/HT212529 https://support.apple.com/en-us/HT212530 https://support.apple.com/en-us/HT212531 •
CVE-2021-30746 – Apple macOS ModelIO USD Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-30746
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents. Se abordó una lectura fuera de límites con una comprobación de entrada mejorada. Este problema se corrigió en macOS Big Sur versión 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS versión 14.6 e iPadOS versión 14.6. • https://support.apple.com/en-us/HT212528 https://support.apple.com/en-us/HT212529 https://support.apple.com/en-us/HT212530 https://support.apple.com/en-us/HT212531 • CWE-125: Out-of-bounds Read •