CVE-2021-30860
24.08.2021, 19:15
An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.Enginsight
| Vendor | Product | Version |
|---|---|---|
| apple | ipados | 𝑥 < 14.8 |
| apple | iphone_os | 𝑥 < 12.5.5 |
| apple | iphone_os | 13.0 ≤ 𝑥 < 14.8 |
| apple | mac_os_x | 10.15 ≤ 𝑥 < 10.15.7 |
| apple | mac_os_x | 10.15.7 |
| apple | mac_os_x | 10.15.7:security_update_2020 |
| apple | mac_os_x | 10.15.7:security_update_2020-001 |
| apple | mac_os_x | 10.15.7:security_update_2021-001 |
| apple | mac_os_x | 10.15.7:security_update_2021-002 |
| apple | mac_os_x | 10.15.7:security_update_2021-003 |
| apple | mac_os_x | 10.15.7:security_update_2021-004 |
| apple | macos | 𝑥 < 11.6 |
| apple | watchos | 𝑥 < 7.6.2 |
| xpdfreader | xpdf | 𝑥 < 4.04 |
| freedesktop | poppler | 𝑥 < 22.09.0 |
𝑥
= Vulnerable software versions
References