{"containers":{"cna":{"affected":[{"product":"watchOS","vendor":"Apple","versions":[{"lessThan":"8.3","status":"affected","version":"unspecified","versionType":"custom"}]},{"product":"iOS and iPadOS","vendor":"Apple","versions":[{"lessThan":"15.2","status":"affected","version":"unspecified","versionType":"custom"}]},{"product":"macOS","vendor":"Apple","versions":[{"lessThan":"12.1","status":"affected","version":"unspecified","versionType":"custom"}]},{"product":"macOS","vendor":"Apple","versions":[{"lessThan":"15.2","status":"affected","version":"unspecified","versionType":"custom"}]},{"product":"macOS","vendor":"Apple","versions":[{"lessThan":"15.2","status":"affected","version":"unspecified","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution."}],"problemTypes":[{"descriptions":[{"description":"Processing maliciously crafted web content may lead to arbitrary code execution","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2022-02-06T03:06:35.000Z","orgId":"286789f9-fbc2-4510-9f9a-43facdede74c","shortName":"apple"},"references":[{"tags":["x_refsource_MISC"],"url":"https://support.apple.com/en-us/HT212975"},{"tags":["x_refsource_MISC"],"url":"https://support.apple.com/en-us/HT212976"},{"tags":["x_refsource_MISC"],"url":"https://support.apple.com/en-us/HT212978"},{"tags":["x_refsource_MISC"],"url":"https://support.apple.com/en-us/HT212980"},{"tags":["x_refsource_MISC"],"url":"https://support.apple.com/en-us/HT212982"},{"name":"[oss-security] 20220121 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0001","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.openwall.com/lists/oss-security/2022/01/21/2"},{"name":"FEDORA-2022-25a98f5d55","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EQVZ3CEMTINLBZ7PBC7WRXVEVCRHNSM/"},{"name":"DSA-5061","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"https://www.debian.org/security/2022/dsa-5061"},{"name":"DSA-5060","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"https://www.debian.org/security/2022/dsa-5060"},{"name":"FEDORA-2022-f7366e60cb","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQKWD4BXRDD2YGR5AVU7H5J5PIQIEU6V/"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"product-security@apple.com","ID":"CVE-2021-30952","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"watchOS","version":{"version_data":[{"version_affected":"<","version_value":"8.3"}]}},{"product_name":"iOS and iPadOS","version":{"version_data":[{"version_affected":"<","version_value":"15.2"}]}},{"product_name":"macOS","version":{"version_data":[{"version_affected":"<","version_value":"12.1"}]}},{"product_name":"macOS","version":{"version_data":[{"version_affected":"<","version_value":"15.2"}]}},{"product_name":"macOS","version":{"version_data":[{"version_affected":"<","version_value":"15.2"}]}}]},"vendor_name":"Apple"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Processing maliciously crafted web content may lead to arbitrary code execution"}]}]},"references":{"reference_data":[{"name":"https://support.apple.com/en-us/HT212975","refsource":"MISC","url":"https://support.apple.com/en-us/HT212975"},{"name":"https://support.apple.com/en-us/HT212976","refsource":"MISC","url":"https://support.apple.com/en-us/HT212976"},{"name":"https://support.apple.com/en-us/HT212978","refsource":"MISC","url":"https://support.apple.com/en-us/HT212978"},{"name":"https://support.apple.com/en-us/HT212980","refsource":"MISC","url":"https://support.apple.com/en-us/HT212980"},{"name":"https://support.apple.com/en-us/HT212982","refsource":"MISC","url":"https://support.apple.com/en-us/HT212982"},{"name":"[oss-security] 20220121 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0001","refsource":"MLIST","url":"http://www.openwall.com/lists/oss-security/2022/01/21/2"},{"name":"FEDORA-2022-25a98f5d55","refsource":"FEDORA","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EQVZ3CEMTINLBZ7PBC7WRXVEVCRHNSM/"},{"name":"DSA-5061","refsource":"DEBIAN","url":"https://www.debian.org/security/2022/dsa-5061"},{"name":"DSA-5060","refsource":"DEBIAN","url":"https://www.debian.org/security/2022/dsa-5060"},{"name":"FEDORA-2022-f7366e60cb","refsource":"FEDORA","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HQKWD4BXRDD2YGR5AVU7H5J5PIQIEU6V/"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T22:48:14.237Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://support.apple.com/en-us/HT212975"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://support.apple.com/en-us/HT212976"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://support.apple.com/en-us/HT212978"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://support.apple.com/en-us/HT212980"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://support.apple.com/en-us/HT212982"},{"name":"[oss-security] 20220121 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0001","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2022/01/21/2"},{"name":"FEDORA-2022-25a98f5d55","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EQVZ3CEMTINLBZ7PBC7WRXVEVCRHNSM/"},{"name":"DSA-5061","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"https://www.debian.org/security/2022/dsa-5061"},{"name":"DSA-5060","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"https://www.debian.org/security/2022/dsa-5060"},{"name":"FEDORA-2022-f7366e60cb","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQKWD4BXRDD2YGR5AVU7H5J5PIQIEU6V/"}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-190","lang":"en","description":"CWE-190 Integer Overflow or Wraparound"}]}],"references":[{"url":"https://cloud.google.com/blog/topics/threat-intelligence/coruna-powerful-ios-exploit-kit","tags":["third-party-advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-30952","tags":["government-resource"]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":8.8,"attackVector":"NETWORK","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"REQUIRED","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2026-03-05T00:00:00+00:00","options":[{"Exploitation":"active"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3","id":"CVE-2021-30952"}}},{"other":{"type":"kev","content":{"dateAdded":"2026-03-05","reference":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-30952"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-03-06T05:01:17.601Z"},"timeline":[{"time":"2026-03-05T00:00:00.000Z","lang":"en","value":"CVE-2021-30952 added to CISA KEV"}]}]},"cveMetadata":{"assignerOrgId":"286789f9-fbc2-4510-9f9a-43facdede74c","assignerShortName":"apple","cveId":"CVE-2021-30952","datePublished":"2021-08-24T18:50:52.000Z","dateReserved":"2021-04-13T00:00:00.000Z","dateUpdated":"2026-03-06T05:01:17.601Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"}