CVE-2021-30818
First published: Mon Sep 13 2021(Updated: )
A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, Safari 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution.
Credit: Amar Menezes @amarekano Zon8ResearchAmar Menezes @amarekano Zon8ResearchAmar Menezes @amarekano Zon8ResearchAmar Menezes @amarekano Zon8ResearchAmar Menezes @amarekano Zon8ResearchAmar Menezes @amarekano Zon8Research product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| <15.0 | ||
| <14.8 | ||
| <14.8 | ||
| <12.0.1 | ||
| <15.0 | ||
| <8.0 | ||
| Apple Safari | <15 | 15 |
| Apple iOS | <15 | 15 |
| Apple iPadOS | <15 | 15 |
| Apple watchOS | <8 | 8 |
| Apple tvOS | <15 | 15 |
| Apple iOS | <14.8 | 14.8 |
| Apple iPadOS | <14.8 | 14.8 |
| Apple macOS Monterey | <12.0.1 | 12.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT212807 (Advisory)
- https://support.apple.com/en-us/HT212814 (Advisory)
- https://support.apple.com/en-us/HT212815 (Advisory)
- https://support.apple.com/en-us/HT212816 (Advisory)
- https://support.apple.com/en-us/HT212819 (Advisory)
- https://support.apple.com/en-us/HT212869 (Advisory)
- http://www.openwall.com/lists/oss-security/2021/12/20/6
- https://support.apple.com/kb/HT212869
Parent vulnerabilities
(Appears in the following advisories)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2021-30838
- CVE-2021-30820
- CVE-2021-30905
- CVE-2021-30834
- CVE-2021-30928
- CVE-2021-30860
- CVE-2021-30864
- CVE-2021-31010
- CVE-2021-30841
- CVE-2021-30843
- CVE-2021-30842
- CVE-2021-30852
- CVE-2021-30847
- CVE-2021-30857
- CVE-2021-30859
- CVE-2013-0340
- CVE-2021-30855
- CVE-2021-30826
- CVE-2021-30818
- CVE-2021-30823
- CVE-2021-30836
- CVE-2021-30858
- CVE-2021-30848
- CVE-2021-30849
- CVE-2021-30846
- CVE-2021-30837
- CVE-2021-30811
- CVE-2021-30866
- CVE-2021-30825
- CVE-2021-30863
- CVE-2021-30816
- CVE-2021-30882
- CVE-2021-30831
- CVE-2021-30840
- CVE-2021-30867
- CVE-2021-30814
- CVE-2021-30835
- CVE-2021-30819
- CVE-2021-30874
- CVE-2021-30854
- CVE-2021-30898
- CVE-2021-30870
- CVE-2021-30925
- CVE-2021-30808
- CVE-2021-30815
- CVE-2021-31001
- CVE-2021-31005
- CVE-2021-31008
- CVE-2021-30897
- CVE-2021-30884
- CVE-2021-30809
- CVE-2021-30851
- CVE-2021-30930
- CVE-2021-30810
- CVE-2021-30850
- CVE-2021-30861
- CVE-2021-30873
- CVE-2021-30876
- CVE-2021-30879
- CVE-2021-30877
- CVE-2021-30880
- CVE-2021-30994
- CVE-2021-30907
- CVE-2021-30899
- CVE-2021-30931
- CVE-2021-30917
- CVE-2021-30903
- CVE-2021-30919
- CVE-2020-9846
- CVE-2021-30881
- CVE-2021-30923
- CVE-2021-30895
- CVE-2021-30896
- CVE-2021-30933
- CVE-2021-30906
- CVE-2021-30922
- CVE-2021-30824
- CVE-2021-30901
- CVE-2021-30821
- CVE-2021-30883
- CVE-2021-30924
- CVE-2021-30886
- CVE-2021-30909
- CVE-2021-30916
- CVE-2021-30813
- CVE-2021-31011
- CVE-2021-30904
- CVE-2021-30910
- CVE-2021-30911
- CVE-2021-30920
- CVE-2021-31004
- CVE-2021-31002
- CVE-2021-30868
- CVE-2021-30912
- CVE-2021-30913
- CVE-2021-30915
- CVE-2021-30887
- CVE-2021-30888
- CVE-2021-30889
- CVE-2021-30890
- CVE-2021-30908
- CVE-2021-30833
- CVE-2021-30892
Frequently Asked Questions
What is CVE-2021-30818?
CVE-2021-30818 is a type confusion issue in WebKit that has been addressed with improved state handling.
Which software versions are affected by CVE-2021-30818?
CVE-2021-30818 affects watchOS up to version 8, iOS up to version 15, iPadOS up to version 15, iOS up to version 14.8, iPadOS up to version 14.8, tvOS up to version 15, Safari up to version 15, and macOS Monterey up to version 12.0.1.
How can I fix the vulnerability in my software?
To fix the vulnerability, update your software to the latest version provided by Apple.
Where can I find more information about CVE-2021-30818?
You can find more information about CVE-2021-30818 on the Apple support website.
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/apple-support
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/apple
- canonical/apple ios
- canonical/apple ipados
- canonical/apple tvos
- canonical/apple safari
- canonical/apple watchos
- canonical/apple macos monterey