CVE-2021-30846
webkitgtk: Memory corruption issue leading to arbitrary code execution
Severity Score
Exploit Likelihood
Affected Versions
10Public Exploits
1Exploited in Wild
-Decision
Descriptions
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution.
Se abordó un problema de corrupción de memoria con un manejo de memoria mejorado. Este problema es corregido en iOS versión 14.8 y iPadOS versión 14.8, Safari versión 15, tvOS versión 15, iOS versión 15 y iPadOS versión 15, watchOS versión 8. El procesamiento de contenido web maliciosamente diseñado puede conllevar la ejecución de código arbitrario
A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-04-13 CVE Reserved
- 2021-09-22 CVE Published
- 2021-10-14 First Exploit
- 2024-08-03 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (21)
| URL | Tag | Source |
|---|---|---|
| http://seclists.org/fulldisclosure/2021/O... | Mailing List |
|
| http://seclists.org/fulldisclosure/2021/O... | Mailing List |
|
| http://seclists.org/fulldisclosure/2021/O... | Mailing List |
|
| http://seclists.org/fulldisclosure/2021/O... | Mailing List |
|
| http://www.openwall.com/lists/oss-securit... | Mailing List |
|
| http://www.openwall.com/lists/oss-securit... | Mailing List |
|
| http://www.openwall.com/lists/oss-securit... | Mailing List |
|
| http://www.openwall.com/lists/oss-securit... | Mailing List |
|
| URL | Date | SRC |
|---|