Impact: A malicious application may bypass Gatekeeper checksĬVE-2021-30853: Gordon Long of Box, Inc. Impact: Processing a maliciously crafted dfont file may lead to arbitrary code executionĬVE-2021-30841: Xingwei Lin of Ant Security Light-Year LabĬVE-2021-30842: Xingwei Lin of Ant Security Light-Year LabĬVE-2021-30843: Xingwei Lin of Ant Security Light-Year Lab Impact: curl could potentially reveal sensitive internal information to the server using a clear-text network protocolĭescription: A buffer overflow was addressed with improved input validation.Įntry added September 20, 2021, updated January 19, 2022ĭescription: A memory corruption issue was addressed with improved state management.ĬVE-2021-30832: Mickey Jin of Trend Micro Impact: A local user may be able to execute arbitrary filesĭescription: A URI parsing issue was addressed with improved parsing. ![]() Impact: A local user may be able to read arbitrary files as root This issue was addressed with improved permission validation. Impact: A local attacker may be able to elevate their privilegesĭescription: A permissions issue existed. Impact: A sandboxed process may be able to circumvent sandbox restrictions. Apple was aware of a report that this issue may have been actively exploited at the time of release.ĭescription: A deserialization issue was addressed through improved validation.ĬVE-2021-31010: Citizen Lab and Google Project Zero Apple is aware of a report that this issue may have been actively exploited.ĭescription: An integer overflow was addressed with improved input validation. Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution. Impact: Processing a maliciously crafted image may lead to arbitrary code executionĭescription: A memory corruption issue was addressed with improved input validation.ĬVE-2021-30928: Mickey Jin of Trend Micro Impact: Processing a malicious audio file may result in unexpected application termination or arbitrary code executionĭescription: A logic issue was addressed with improved state management.ĬVE-2021-30834: JunDong Xie of Ant Security Light-Year Lab ![]() Impact: A malicious application may be able to execute arbitrary code with system privilegesĭescription: A memory corruption issue was addressed with improved memory handling. Impact: A local attacker may be able to read sensitive informationĭescription: This issue was addressed with improved checks.ĬVE-2021-30811: an anonymous researcher working with Compartir
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |