CVE-2021-30755

Processing a maliciously crafted font may result in the disclosure of process memory. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5. An out-of-bounds read was addressed with improved input validation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
appleCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 60%
VendorProductVersion
applemacos
11.0 ≤
𝑥
< 11.4
appletvos
𝑥
< 14.6
applewatchos
𝑥
< 7.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.apple.com/en-us/HT212529
https://support.apple.com/en-us/HT212532
https://support.apple.com/en-us/HT212533
https://support.apple.com/en-us/HT212529
https://support.apple.com/en-us/HT212532
https://support.apple.com/en-us/HT212533