CVE-2021-30884

CVSS v3.1

4.7

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Apple iOS versions prior to 15 Apple iPadOS versions prior to 15 Apple tvOS versions prior to 15 Apple watchOS versions prior to 8

Description The issue allows a remote attacker to access confidential data by visiting a maliciously crafted website, potentially revealing a user's browsing history. This is related to the WPE WebKit module, which is associated with inadequate protection of web page structure.

Recommendations For Apple iOS versions prior to 15, update to iOS 15 or later to resolve the issue. For Apple iPadOS versions prior to 15, update to iPadOS 15 or later to resolve the issue. For Apple tvOS versions prior to 15, update to tvOS 15 or later to resolve the issue. For Apple watchOS versions prior to 8, update to watchOS 8 or later to resolve the issue.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

ALSA-2022:1777

ALT-PU-2021-3571

ALT-PU-2022-2162

BDU:2022-05787

CESA-2022_1777

CVE-2021-30884

DSA-4995-1

DSA-4996-1

OPENSUSE-SU-2022:0182-1

OPENSUSE-SU-2022_0182-1

OPENSUSE-SU-2022_0182-2

RHSA-2022:1777

RHSA-2022_1777

RHSA-2025:10364

RLSA-2022:1777

SUSE-SU-2022:0142-1

SUSE-SU-2022:0182-1

SUSE-SU-2022:0182-2

SUSE-SU-2022:0183-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Apple Macos

Red Hat

Rocky Linux

Suse

Ios

Ipados

Tvos

Watchos

CVE-2021-30884

Weakness Enumeration

Related Identifiers

Affected Products

References · 176