CVE Vulnerabilities

CVE-2021-1801

Published: Apr 02, 2021 | Modified: Nov 07, 2023
CVSS 3.x
6.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
6.5 MODERATE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Ubuntu
MEDIUM

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Maliciously crafted web content may violate iframe sandboxing policy.

Affected Software

Name Vendor Start Version End Version
Ipad_os Apple * 14.4 (excluding)
Iphone_os Apple * 14.4 (excluding)
Macos Apple 11.0.1 (including) 11.2 (excluding)
Tvos Apple * 14.4 (excluding)
Watchos Apple * 7.3 (excluding)
Red Hat Enterprise Linux 8 RedHat webkit2gtk3-0:2.32.3-2.el8 *
Qtwebkit-opensource-src Ubuntu bionic *
Qtwebkit-opensource-src Ubuntu devel *
Qtwebkit-opensource-src Ubuntu esm-apps/bionic *
Qtwebkit-opensource-src Ubuntu esm-apps/focal *
Qtwebkit-opensource-src Ubuntu esm-apps/jammy *
Qtwebkit-opensource-src Ubuntu esm-apps/noble *
Qtwebkit-opensource-src Ubuntu esm-infra/xenial *
Qtwebkit-opensource-src Ubuntu focal *
Qtwebkit-opensource-src Ubuntu groovy *
Qtwebkit-opensource-src Ubuntu hirsute *
Qtwebkit-opensource-src Ubuntu impish *
Qtwebkit-opensource-src Ubuntu jammy *
Qtwebkit-opensource-src Ubuntu kinetic *
Qtwebkit-opensource-src Ubuntu lunar *
Qtwebkit-opensource-src Ubuntu mantic *
Qtwebkit-opensource-src Ubuntu noble *
Qtwebkit-opensource-src Ubuntu trusty *
Qtwebkit-opensource-src Ubuntu upstream *
Qtwebkit-opensource-src Ubuntu xenial *
Qtwebkit-source Ubuntu bionic *
Qtwebkit-source Ubuntu esm-apps/bionic *
Qtwebkit-source Ubuntu esm-apps/xenial *
Qtwebkit-source Ubuntu trusty *
Qtwebkit-source Ubuntu xenial *
Webkit2gtk Ubuntu bionic *
Webkit2gtk Ubuntu devel *
Webkit2gtk Ubuntu esm-infra/xenial *
Webkit2gtk Ubuntu focal *
Webkit2gtk Ubuntu groovy *
Webkit2gtk Ubuntu hirsute *
Webkit2gtk Ubuntu impish *
Webkit2gtk Ubuntu jammy *
Webkit2gtk Ubuntu kinetic *
Webkit2gtk Ubuntu lunar *
Webkit2gtk Ubuntu mantic *
Webkit2gtk Ubuntu noble *
Webkit2gtk Ubuntu upstream *
Webkit2gtk Ubuntu xenial *
Webkitgtk Ubuntu bionic *
Webkitgtk Ubuntu esm-apps/bionic *
Webkitgtk Ubuntu esm-apps/xenial *
Webkitgtk Ubuntu trusty *
Webkitgtk Ubuntu xenial *
Wpewebkit Ubuntu esm-apps/focal *
Wpewebkit Ubuntu esm-apps/jammy *
Wpewebkit Ubuntu focal *
Wpewebkit Ubuntu groovy *
Wpewebkit Ubuntu hirsute *
Wpewebkit Ubuntu impish *
Wpewebkit Ubuntu jammy *
Wpewebkit Ubuntu trusty *
Wpewebkit Ubuntu upstream *

References