VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-4fv8-5wm3-byf9

Essentials
Severities (22)
References (29)
Severity details (13)
Exploits (1)
EPSS
History (1)

Vulnerability ID	VCID-4fv8-5wm3-byf9
Aliases	CVE-2021-30665
Summary	Multiple vulnerabilities have been found in WebkitGTK+, the worst of which could result in the arbitrary execution of code.
Status	Published
Exploitability	2.0
Weighted Severity	8.0
Risk	10.0
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-20

Improper Input Validation

System	Score	Found at
cvssv3	8.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30665.json
epss	0.00608	https://api.first.org/data/v1/epss?cve=CVE-2021-30665
epss	0.00608	https://api.first.org/data/v1/epss?cve=CVE-2021-30665
epss	0.00608	https://api.first.org/data/v1/epss?cve=CVE-2021-30665
epss	0.00608	https://api.first.org/data/v1/epss?cve=CVE-2021-30665
epss	0.00608	https://api.first.org/data/v1/epss?cve=CVE-2021-30665
epss	0.00608	https://api.first.org/data/v1/epss?cve=CVE-2021-30665
epss	0.00608	https://api.first.org/data/v1/epss?cve=CVE-2021-30665
epss	0.00608	https://api.first.org/data/v1/epss?cve=CVE-2021-30665
epss	0.00608	https://api.first.org/data/v1/epss?cve=CVE-2021-30665
archlinux	High	https://security.archlinux.org/AVG-2220
archlinux	High	https://security.archlinux.org/AVG-2221
cvssv3.1	8.8	https://support.apple.com/en-us/HT212335
ssvc	Attend	https://support.apple.com/en-us/HT212335
cvssv3.1	8.8	https://support.apple.com/en-us/HT212336
ssvc	Attend	https://support.apple.com/en-us/HT212336
cvssv3.1	8.8	https://support.apple.com/en-us/HT212339
ssvc	Attend	https://support.apple.com/en-us/HT212339
cvssv3.1	8.8	https://support.apple.com/en-us/HT212341
ssvc	Attend	https://support.apple.com/en-us/HT212341
cvssv3.1	8.8	https://support.apple.com/en-us/HT212532
ssvc	Attend	https://support.apple.com/en-us/HT212532

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30665.json
		https://api.first.org/data/v1/epss?cve=CVE-2021-30665
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21775
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21779
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30663
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30665
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30689
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30720
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30734
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30744
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30749
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30758
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30795
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30797
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30799
1986874		https://bugzilla.redhat.com/show_bug.cgi?id=1986874
ASA-202107-67		https://security.archlinux.org/ASA-202107-67
ASA-202107-68		https://security.archlinux.org/ASA-202107-68
AVG-2220		https://security.archlinux.org/AVG-2220
AVG-2221		https://security.archlinux.org/AVG-2221
GLSA-202202-01		https://security.gentoo.org/glsa/202202-01
HT212335		https://support.apple.com/en-us/HT212335
HT212336		https://support.apple.com/en-us/HT212336
HT212339		https://support.apple.com/en-us/HT212339
HT212341		https://support.apple.com/en-us/HT212341
HT212532		https://support.apple.com/en-us/HT212532
RHSA-2021:4381		https://access.redhat.com/errata/RHSA-2021:4381
RHSA-2025:10364		https://access.redhat.com/errata/RHSA-2025:10364
USN-5024-1		https://usn.ubuntu.com/5024-1/

Data source	KEV
Date added	Nov. 3, 2021
Description	Apple iOS, iPadOS, macOS, watchOS, and tvOS WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.
Required action	Apply updates per vendor instructions.
Due date	Nov. 17, 2021
Note	https://nvd.nist.gov/vuln/detail/CVE-2021-30665
Ransomware campaign use	Unknown

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30665.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT212335

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:26:21Z/ Found at https://support.apple.com/en-us/HT212335

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT212336

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:26:21Z/ Found at https://support.apple.com/en-us/HT212336

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT212339

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:26:21Z/ Found at https://support.apple.com/en-us/HT212339

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT212341

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:26:21Z/ Found at https://support.apple.com/en-us/HT212341

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://support.apple.com/en-us/HT212532

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:26:21Z/ Found at https://support.apple.com/en-us/HT212532

Exploit Prediction Scoring System (EPSS)

Percentile	0.69615
EPSS Score	0.00608
Published At	April 1, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T13:11:57.246702+00:00	Gentoo Importer	Import	https://security.gentoo.org/glsa/202202-01	38.0.0