{"id":"CVE-2021-1789","details":"A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution.","modified":"2026-04-16T04:31:29.149870013Z","published":"2021-04-02T18:15:21.747Z","related":["ALSA-2021:4381","SUSE-SU-2021:1430-1","SUSE-SU-2021:1499-1","SUSE-SU-2021:1990-1","openSUSE-SU-2021:0637-1","openSUSE-SU-2024:11506-1"],"references":[{"type":"WEB","url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-1789"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/HT212146"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/HT212147"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/HT212148"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/HT212149"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202104-03"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/HT212152"},{"type":"ARTICLE","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3L6ZZOU5JS7E3RFYGLP7UFLXCG7TNLU/"},{"type":"ARTICLE","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN6ZOD62CTO54CHTMJTHVEF6R2Y532TJ/"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"14.4"}]},{"events":[{"introduced":"0"},{"fixed":"14.4"}]},{"events":[{"introduced":"10.14"},{"fixed":"10.14.6"}]},{"events":[{"introduced":"10.15"},{"fixed":"10.15.7"}]},{"events":[{"introduced":"0"},{"last_affected":"10.14.6-NA"}]},{"events":[{"introduced":"0"},{"last_affected":"10.14.6-security_update_2019\\-004"}]},{"events":[{"introduced":"0"},{"last_affected":"10.14.6-security_update_2019\\-005"}]},{"events":[{"introduced":"0"},{"last_affected":"10.14.6-security_update_2019\\-006"}]},{"events":[{"introduced":"0"},{"last_affected":"10.14.6-security_update_2019\\-007"}]},{"events":[{"introduced":"0"},{"last_affected":"10.14.6-security_update_2020\\-001"}]},{"events":[{"introduced":"0"},{"last_affected":"10.14.6-security_update_2020\\-002"}]},{"events":[{"introduced":"0"},{"last_affected":"10.14.6-security_update_2020\\-003"}]},{"events":[{"introduced":"0"},{"last_affected":"10.14.6-security_update_2020\\-004"}]},{"events":[{"introduced":"0"},{"last_affected":"10.14.6-security_update_2020\\-005"}]},{"events":[{"introduced":"0"},{"last_affected":"10.14.6-security_update_2020\\-006"}]},{"events":[{"introduced":"0"},{"last_affected":"10.14.6-security_update_2020\\-007"}]},{"events":[{"introduced":"0"},{"last_affected":"10.14.6-supplemental_update"}]},{"events":[{"introduced":"0"},{"last_affected":"10.14.6-supplemental_update_2"}]},{"events":[{"introduced":"0"},{"last_affected":"10.15.7-NA"}]},{"events":[{"introduced":"0"},{"last_affected":"10.15.7-supplemental_update"}]},{"events":[{"introduced":"11.0"},{"fixed":"11.2"}]},{"events":[{"introduced":"0"},{"fixed":"14.4"}]},{"events":[{"introduced":"0"},{"fixed":"7.3"}]},{"events":[{"introduced":"0"},{"last_affected":"32"}]},{"events":[{"introduced":"0"},{"last_affected":"33"}]},{"events":[{"introduced":"0"},{"fixed":"2.30.6"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-1789.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}