CVE-2021-30881

An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Unpacking a maliciously crafted archive may lead to arbitrary code execution.

Published: Aug 24, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-30881
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
apple / mac_os_x	-	10.15.7
apple / mac_os_x	10.15.7-supplemental_update	10.15.7-supplemental_update.x
apple / mac_os_x	10.15.7	10.15.7.x
apple / mac_os_x	10.15.7-security_update_2020-001	10.15.7-security_update_2020-001.x
apple / mac_os_x	10.15.7-security_update_2021-001	10.15.7-security_update_2021-001.x
apple / mac_os_x	10.15.7-security_update_2021-002	10.15.7-security_update_2021-002.x
apple / mac_os_x	10.15.7-security_update_2021-003	10.15.7-security_update_2021-003.x
apple / mac_os_x	10.15.7-security_update_2021-004	10.15.7-security_update_2021-004.x
apple / macos	12.0	12.0.x
apple / mac_os_x	10.15.7-security_update_2021-005	10.15.7-security_update_2021-005.x
apple / mac_os_x	10.15.7-security_update_2021-006	10.15.7-security_update_2021-006.x
apple / macos	11.0	11.6.1
apple / tvos	-	15.1
apple / watchos	-	8.1
apple / iphone_os	-	15.1
apple / ipados	-	15.1

Vulnerability Database

290,476

CVE-2021-30881