Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

APPLE-SA-2021-04-26-7 Safari 14.1

Related Vulnerabilities: CVE-2021-1825   CVE-2020-7463  
Source 
                							

                <!--X-Body-Begin-->
<!--X-User-Header-->
<a href="/fulldisclosure/"><img src="/images/fulldisclosure-logo.png" class="l-logo right" alt="fulldisclosure logo" width="80"></a>
<h2 class="m-list"><a href="/fulldisclosure/">Full Disclosure</a>
mailing list archives</h2>
<!--X-User-Header-End-->
<!--X-TopPNI-->
<div class="nav-bar">
<div class="nav-link">
<a href="56"><img src="/images/left-icon-16x16.png" alt="Previous" width="16" height="16"></a>
<a href="date.html#57">By Date</a>
<a href="58"><img src="/images/right-icon-16x16.png" alt="Next" width="16" height="16"></a>
</div>
<div class="nav-link">
<a href="56"><img src="/images/left-icon-16x16.png" alt="Previous" width="16" height="16"></a>
<a href="index.html#57">By Thread</a>
<a href="58"><img src="/images/right-icon-16x16.png" alt="Next" width="16" height="16"></a>
</div>
<form class="nst-search center" action="/search/fulldisclosure">
<input class="nst-search-q" name="q" type="search" placeholder="List Archive Search">
<button class="nst-search-button" title="Search">
<img style="width:100%;aspect-ratio:1/1;" alt="" aria-hidden="true" src="/shared/images/nst-icons.svg#search">
</button>
</form>

</div>

<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
<h1 class="m-title">APPLE-SA-2021-04-26-7 Safari 14.1</h1>
<hr>
<!--X-Subject-Header-End-->
<!--X-Head-of-Message-->


<em>From</em>: Apple Product Security via Fulldisclosure &lt;fulldisclosure () seclists org&gt;


<em>Date</em>: Mon, 26 Apr 2021 15:51:49 -0700


<!--X-Head-of-Message-End-->
<!--X-Head-Body-Sep-Begin-->
<hr>
<!--X-Head-Body-Sep-End-->
<!--X-Body-of-Message-->
<pre style="margin: 0em;">-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2021-04-26-7 Safari 14.1

Safari 14.1 addresses the following issues.
Information about the security content is also available at
<a rel="nofollow" href="https://support.apple.com/HT212318">https://support.apple.com/HT212318</a>.

WebKit
Available for: macOS Catalina and macOS Mojave
Impact: Processing maliciously crafted web content may lead to a
cross site scripting attack
Description: An input validation issue was addressed with improved
input validation.
CVE-2021-1825: Alex Camboe of Aon’s Cyber Solutions

WebRTC
Available for: macOS Catalina and macOS Mojave
Impact: A remote attacker may be able to cause unexpected system
termination or corrupt kernel memory
Description: A use after free issue was addressed with improved
memory management.
CVE-2020-7463: Megan2013678

Installation note:

This update may be obtained from the Mac App Store.

Information will also be posted to the Apple Security Updates
web site: <a rel="nofollow" href="https://support.apple.com/kb/HT201222">https://support.apple.com/kb/HT201222</a>

This message is signed with Apple's Product Security PGP key,
and details are available at:
<a rel="nofollow" href="https://www.apple.com/support/security/pgp/">https://www.apple.com/support/security/pgp/</a>

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmCHO3wACgkQZcsbuWJ6
jjCVlg//QzcXS9Jzd4p1cEiwueBHv3aJXOcPXrmyLCvYJQv/lym8hZX6mgItUZPJ
XzBI4W/dZ+/TVWqkfu1nU2Tnd/O14blJLDlb7IbxpZ4HgsQp08T379gJqqX7Eazw
vs2MHUvarZJJp2k0XyxAuaOu+aE6JP6iqsoaXy/xnTAmiMVyojwHdQCP6T9IDyY1
gDhC1obltamK/qPJR0NoZFGSNP8nhd0FQWApmVqD13DIzd+jE6WFIY5SfgPSP/Qi
qHDxrdyUthnGTki4Q5Q/d6O9hKpEn79C510OfklxK6Uz98oFlk7JVnQS6HOljEtj
BjX7q+7uuU2NRmdsRfxGuoXsB38qcoKP2uiTfxBkyV4zfr4yUTwBxgBUG+xFs+kN
p7goCDzGxPhxJajan7p1XOnq9ZE0XWn8Z6N1QGCGRO/XxWcb9bW8k0UN6NWj5W5v
vNSdhD1BPNIVsLS5Cb2SUizoWPbfb6bEtQ+GVcdMSzXmumiODh5SoBvdFdf7/AAa
QCF+New0Kk2kUGA/vKQzcgVcXmAqrsl+Zyv8Gwu38VmFncY+JnimeYVGggOfUEJ3
I4mijVs/gHxlnfvYz+BiPQug5oO4dQ+o/TL9C6GXzP+AzDNr7byOWIIOJAgnacJT
Zff4Rh+65MN0fT41t/+OrKLdticCNXhLdNPBBTcF86aVj0ucHH0=
=aWwC
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the Full Disclosure mailing list
<a rel="nofollow" href="https://nmap.org/mailman/listinfo/fulldisclosure">https://nmap.org/mailman/listinfo/fulldisclosure</a>
Web Archives &amp; RSS: <a rel="nofollow" href="http://seclists.org/fulldisclosure/">http://seclists.org/fulldisclosure/</a></pre>
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<hr>
<!--X-Follow-Ups-End-->
<!--X-References-->
<!--X-References-End-->
<!--X-BotPNI-->
<div class="nav-bar">
<div class="nav-link">
<a href="56"><img src="/images/left-icon-16x16.png" alt="Previous" width="16" height="16"></a>
<a href="date.html#57">By Date</a>
<a href="58"><img src="/images/right-icon-16x16.png" alt="Next" width="16" height="16"></a>
</div>
<div class="nav-link">
<a href="56"><img src="/images/left-icon-16x16.png" alt="Previous" width="16" height="16"></a>
<a href="index.html#57">By Thread</a>
<a href="58"><img src="/images/right-icon-16x16.png" alt="Next" width="16" height="16"></a>
</div>
</div>
<h3 class="m-thread">Current thread:</h3>
<ul class="thread">
<li><strong>APPLE-SA-2021-04-26-7 Safari 14.1</strong> <em>Apple Product Security via Fulldisclosure (Apr 27)</em>
</li></ul>


<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->
<p>

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started