First published: Tue Jan 26 2021(Updated: )
WebKit. A type confusion issue was addressed with improved state handling.
Credit: @S0rryMybad 360 Vulcan Team @S0rryMybad 360 Vulcan Team @S0rryMybad 360 Vulcan Team @S0rryMybad 360 Vulcan Team @S0rryMybad 360 Vulcan Team product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iOS | <14.4 | 14.4 |
Apple iPadOS | <14.4 | 14.4 |
Apple macOS Big Sur | <11.2 | 11.2 |
Apple Catalina | ||
Apple Mojave | ||
Apple watchOS | <7.3 | 7.3 |
Apple tvOS | <14.4 | 14.4 |
Apple Safari | <14.0.3 | 14.0.3 |
Apple Multiple Products | ||
Apple iPadOS | <14.4 | |
Apple iPhone OS | <14.4 | |
Apple Mac OS X | >=10.14<10.14.6 | |
Apple Mac OS X | >=10.15<10.15.7 | |
Apple Mac OS X | =10.14.6 | |
Apple Mac OS X | =10.14.6-security_update_2019-004 | |
Apple Mac OS X | =10.14.6-security_update_2019-005 | |
Apple Mac OS X | =10.14.6-security_update_2019-006 | |
Apple Mac OS X | =10.14.6-security_update_2019-007 | |
Apple Mac OS X | =10.14.6-security_update_2020-001 | |
Apple Mac OS X | =10.14.6-security_update_2020-002 | |
Apple Mac OS X | =10.14.6-security_update_2020-003 | |
Apple Mac OS X | =10.14.6-security_update_2020-004 | |
Apple Mac OS X | =10.14.6-security_update_2020-005 | |
Apple Mac OS X | =10.14.6-security_update_2020-006 | |
Apple Mac OS X | =10.14.6-security_update_2020-007 | |
Apple Mac OS X | =10.14.6-supplemental_update | |
Apple Mac OS X | =10.14.6-supplemental_update_2 | |
Apple Mac OS X | =10.15.7 | |
Apple Mac OS X | =10.15.7-supplemental_update | |
Apple macOS | >=11.0<11.2 | |
Apple tvOS | <14.4 | |
Apple watchOS | <7.3 | |
Fedoraproject Fedora | =32 | |
Fedoraproject Fedora | =33 | |
WebKitGTK WebKitGTK | <2.30.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
The vulnerability ID for this issue is CVE-2021-1789.
Multiple Apple products including Apple Multiple Products, Safari, macOS Big Sur, Catalina, Mojave, watchOS, iOS, iPadOS, and tvOS are affected.
The vulnerability allows processing of maliciously crafted web content, leading to arbitrary code execution.
Apply the available security updates or patches provided by Apple for the affected products.
You can find more information about this vulnerability on the following references: [Apple Support - HT212147](https://support.apple.com/en-us/HT212147), [Apple Support - HT212148](https://support.apple.com/en-us/HT212148), [Apple Support - HT212146](https://support.apple.com/en-us/HT212146).