Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.8
Apple Products: Malicious Web Content Can Execute Arbitrary Code
Known exploited
CVE-2021-30952
CVE-2021-30952
Summary
Certain Apple products, including tvOS, macOS, Safari, iPadOS, and watchOS, may allow hackers to execute malicious code on your device if you visit a specially crafted website. This could lead to unauthorized access to your device or data. Apple has released patches for these products, so it's essential to update them as soon as possible to stay protected.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| apple | multiple products | All versions | – |
| apple | safari | <= 15.2 | – |
| apple | ipados | <= 15.2 | – |
| apple | iphone_os | <= 15.2 | – |
| apple | macos | > 12.0 , <= 12.1 | – |
| apple | tvos | <= 15.2 | – |
| apple | watchos | <= 8.3 | – |
| fedoraproject | fedora | 34 | – |
| fedoraproject | fedora | 35 | – |
| debian | debian_linux | 10.0 | – |
| debian | debian_linux | 11.0 | – |
| webkitgtk | webkitgtk | <= 2.34.4 | – |
| wpewebkit | wpe_webkit | <= 2.34.4 | – |
Original title
Apple Multiple Products Integer Overflow or Wraparound Vulnerability
Original description
Apple tvOS, macOS, Safari, iPadOS and watchOS contain an integer overflow or wraparound vulnerability due to the processing of maliciously crafted web content that may lead to arbitrary code execution.
Vulnerability type
CWE-190
Integer Overflow
- http://www.openwall.com/lists/oss-security/2022/01/21/2 Mailing List Third Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro... Broken Link
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro... Broken Link
- https://support.apple.com/en-us/HT212975 Release Notes Vendor Advisory
- https://support.apple.com/en-us/HT212976 Release Notes Vendor Advisory
- https://support.apple.com/en-us/HT212978 Release Notes Vendor Advisory
- https://support.apple.com/en-us/HT212980 Release Notes Vendor Advisory
- https://support.apple.com/en-us/HT212982 Release Notes Vendor Advisory
- https://www.debian.org/security/2022/dsa-5060 Mailing List Third Party Advisory
- https://www.debian.org/security/2022/dsa-5061 Mailing List Third Party Advisory
- https://cloud.google.com/blog/topics/threat-intelligence/coruna-powerful-ios-exp... Exploit Third Party Advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-... US Government Resource
Published: 5 Mar 2026 · Updated: 14 Mar 2026 · First seen: 6 Mar 2026