CVE-2021-30887
Published: 24 August 2021
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.1. Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy.
Priority
Medium
CVSS 3 base score: 6.5
Status
| Package | Release | Status |
|---|---|---|
|
qtwebkit-opensource-src Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
| Ubuntu 21.10 (Impish Indri) |
Needs triage
|
|
| Ubuntu 21.04 (Hirsute Hippo) |
Ignored
(reached end-of-life)
|
|
| Ubuntu 20.04 LTS (Focal Fossa) |
Needs triage
|
|
| Ubuntu 18.04 LTS (Bionic Beaver) |
Needs triage
|
|
| Ubuntu 16.04 ESM (Xenial Xerus) |
Needs triage
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
|
qtwebkit-source Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
| Ubuntu 21.10 (Impish Indri) |
Does not exist
|
|
| Ubuntu 21.04 (Hirsute Hippo) |
Does not exist
|
|
| Ubuntu 20.04 LTS (Focal Fossa) |
Does not exist
|
|
| Ubuntu 18.04 LTS (Bionic Beaver) |
Needs triage
|
|
| Ubuntu 16.04 ESM (Xenial Xerus) |
Needs triage
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
|
webkit2gtk Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.34.3)
|
| Ubuntu 21.10 (Impish Indri) |
Released
(2.34.3-0ubuntu0.21.10.1)
|
|
| Ubuntu 21.04 (Hirsute Hippo) |
Released
(2.34.3-0ubuntu0.21.04.1)
|
|
| Ubuntu 20.04 LTS (Focal Fossa) |
Released
(2.34.3-0ubuntu0.20.04.1)
|
|
| Ubuntu 18.04 LTS (Bionic Beaver) |
Deferred
|
|
| Ubuntu 16.04 ESM (Xenial Xerus) |
Deferred
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
|
webkitgtk Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
| Ubuntu 21.10 (Impish Indri) |
Does not exist
|
|
| Ubuntu 21.04 (Hirsute Hippo) |
Does not exist
|
|
| Ubuntu 20.04 LTS (Focal Fossa) |
Does not exist
|
|
| Ubuntu 18.04 LTS (Bionic Beaver) |
Needs triage
|
|
| Ubuntu 16.04 ESM (Xenial Xerus) |
Needs triage
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
|
wpewebkit Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
| Ubuntu 21.10 (Impish Indri) |
Needs triage
|
|
| Ubuntu 21.04 (Hirsute Hippo) |
Ignored
(reached end-of-life)
|
|
| Ubuntu 20.04 LTS (Focal Fossa) |
Needs triage
|
|
| Ubuntu 18.04 LTS (Bionic Beaver) |
Does not exist
|
|
| Ubuntu 16.04 ESM (Xenial Xerus) |
Does not exist
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
Notes
| Author | Note |
|---|---|
| jdstrand | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8 |