Vulnerability Description
This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted web content may violate iframe sandboxing policy.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Mac Os X | >= 10.14, < 10.14.6 |
| Apple | Macos | >= 11.0, < 11.2 |
| Fedoraproject | Fedora | 32 |
| Webkitgtk | Webkitgtk | < 2.30.6 |
References
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://security.gentoo.org/glsa/202104-03Third Party Advisory
- https://support.apple.com/en-us/HT212147Release NotesVendor Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://security.gentoo.org/glsa/202104-03Third Party Advisory
- https://support.apple.com/en-us/HT212147Release NotesVendor Advisory
FAQ
What is CVE-2021-1765?
CVE-2021-1765 is a vulnerability with a CVSS score of 6.5 (MEDIUM). This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Maliciously crafted we...
How severe is CVE-2021-1765?
CVE-2021-1765 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-1765?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Mac Os X, Apple Macos, Fedoraproject Fedora, Webkitgtk Webkitgtk.