What is CVE-2021-30689?

CVE-2021-30689 is a vulnerability in WebKit that was addressed with improved state management.

Who is affected by CVE-2021-30689?

Users of Apple tvOS 14.6, Apple watchOS 7.5, Apple Safari 14.1.1, Apple macOS Big Sur 11.4, Apple iOS 14.6, and Apple iPadOS 14.6 are affected by CVE-2021-30689.

What is the severity of CVE-2021-30689?

The severity of CVE-2021-30689 is not specified in the provided information. Please refer to the references for more details.

How can I fix CVE-2021-30689?

To fix CVE-2021-30689, users should update their affected devices to the recommended versions provided by Apple. Please refer to the references for specific instructions.

Where can I find more information about CVE-2021-30689?

More information about CVE-2021-30689 can be found in the references provided by Apple.

Vulnerability/
CVE-2021-30689

medium

6.1

CWE

24/5/2021

8/9/2021

3/8/2024

CVE-2021-30689: XSS

First published: Mon May 24 2021(Updated: )

A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting.

Credit: an anonymous researcher an anonymous researcher an anonymous researcher an anonymous researcher an anonymous researcher product-security@apple.com

Affected Software	Affected Version	How to fix
debian/webkit2gtk		2.36.4-1~deb10u1 2.38.6-0+deb10u1 2.40.5-1~deb11u1 2.42.1-1~deb11u2 2.40.5-1~deb12u1 2.42.1-1~deb12u1 2.42.1-2
debian/wpewebkit		2.38.6-1~deb11u1 2.38.6-1 2.42.1-1
Apple macOS	<11.4	11.4
tvOS	<14.6	14.6
Apple iOS, iPadOS, and watchOS	<7.5	7.5
Safari	<14.1.1	14.1.1
Apple iOS and iPadOS	<14.6	14.6
Apple iOS, iPadOS, and macOS	<14.6	14.6
Safari	<14.1.1
Apple iOS, iPadOS, and macOS	<14.6
iPhone OS	<14.6
macOS	>=11.0<11.4
tvOS	<14.6
Apple iOS, iPadOS, and watchOS	<7.5

Never miss a vulnerability like this again

Reference Links

https://support.apple.com/en-us/HT212528 (Advisory)
https://support.apple.com/en-us/HT212529 (Advisory)
https://support.apple.com/en-us/HT212532 (Advisory)
https://support.apple.com/en-us/HT212533 (Advisory)
https://support.apple.com/en-us/HT212534 (Advisory)
https://webkitgtk.org/security/WSA-2021-0004.html
https://security-tracker.debian.org/tracker/CVE-2021-30689

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2021-30678
CVE-2021-30676
CVE-2021-30688
CVE-2021-30669
CVE-2021-30707
CVE-2021-30685
CVE-2021-30672
CVE-2021-30681
CVE-2021-30686
CVE-2021-30733
CVE-2021-30753
CVE-2021-30727
CVE-2021-30724
CVE-2021-30673
CVE-2021-30771
CVE-2021-30755
CVE-2021-30684
CVE-2021-30735
CVE-2021-30697
CVE-2021-30710
CVE-2021-30683
CVE-2021-30687
CVE-2021-30700
CVE-2021-30701
CVE-2021-30705
CVE-2021-30706
CVE-2021-30719
CVE-2021-30728
CVE-2021-30726
CVE-2021-30731
CVE-2021-30740
CVE-2021-30704
CVE-2021-30715
CVE-2021-30736
CVE-2021-30739
CVE-2021-30703
CVE-2021-30680
CVE-2021-30677
CVE-2021-30702
CVE-2021-30696
CVE-2021-30756
CVE-2021-30723
CVE-2021-30691
CVE-2021-30692
CVE-2021-30694
CVE-2021-30725
CVE-2021-30746
CVE-2021-30693
CVE-2021-30695
CVE-2021-30708
CVE-2021-30709
CVE-2021-30679
CVE-2020-36226
CVE-2020-36227
CVE-2020-36223
CVE-2020-36224
CVE-2020-36225
CVE-2020-36221
CVE-2020-36228
CVE-2020-36222
CVE-2020-36230
CVE-2020-36229
CVE-2021-30738
CVE-2021-30751
CVE-2021-30737
CVE-2021-30716
CVE-2021-30717
CVE-2021-30721
CVE-2021-30722
CVE-2021-30712
CVE-2021-30668
CVE-2021-30718
CVE-2021-30671
CVE-2021-30713
CVE-2021-30744
CVE-2021-21779
CVE-2021-30682
CVE-2021-30689
CVE-2021-30749
CVE-2021-30734
CVE-2021-30720
CVE-2021-23841
CVE-2021-30698
CVE-2021-30665
CVE-2021-30663
CVE-2021-30714
CVE-2021-30729
CVE-2021-30674
CVE-2021-30741
CVE-2021-1821
CVE-2021-30699
CVE-2021-30999
CVE-2021-30667

Frequently Asked Questions

What is CVE-2021-30689?
CVE-2021-30689 is a vulnerability in WebKit that was addressed with improved state management.
Who is affected by CVE-2021-30689?
Users of Apple tvOS 14.6, Apple watchOS 7.5, Apple Safari 14.1.1, Apple macOS Big Sur 11.4, Apple iOS 14.6, and Apple iPadOS 14.6 are affected by CVE-2021-30689.
What is the severity of CVE-2021-30689?
The severity of CVE-2021-30689 is not specified in the provided information. Please refer to the references for more details.
How can I fix CVE-2021-30689?
To fix CVE-2021-30689, users should update their affected devices to the recommended versions provided by Apple. Please refer to the references for specific instructions.
Where can I find more information about CVE-2021-30689?
More information about CVE-2021-30689 can be found in the references provided by Apple.

collector/security-tracker-debian
agent/type
agent/first-publish-date
agent/references
agent/weakness
agent/severity
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/trending
collector/apple-support
agent/software-canonical-lookup-request
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
package-manager/debian
vendor/apple
canonical/apple macos
canonical/tvos
canonical/apple ios, ipados, and watchos
canonical/safari
canonical/apple ios and ipados
canonical/apple ios, ipados, and macos
canonical/iphone os
canonical/macos
version/macos/11.0