Search for vulnerabilities
Vulnerability details: VCID-yvde-1s38-aaaa
Vulnerability ID VCID-yvde-1s38-aaaa
Aliases CVE-2021-30884
Summary The issue was resolved with additional restrictions on CSS compositing. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Visiting a maliciously crafted website may reveal a user's browsing history.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2022:1777
cvssv3 4.7 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30884.json
epss 0.00141 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00141 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00150 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00150 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00150 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00150 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00150 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00150 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00150 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00150 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00150 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00150 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00150 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00150 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00150 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00150 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00150 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00150 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00171 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00223 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.0028 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.0028 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.0028 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.0028 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.0028 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.0028 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.0028 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.0028 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.0028 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.0028 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.0028 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.0028 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.0028 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.0028 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.0028 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.0028 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.0028 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.0028 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.0028 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.0028 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.0028 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.0028 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.0028 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.0028 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.0028 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00342 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
epss 0.00393 https://api.first.org/data/v1/epss?cve=CVE-2021-30884
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=2034378
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30846
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30851
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42762
cvssv3.1 4.7 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2021-30884
cvssv3 4.7 https://nvd.nist.gov/vuln/detail/CVE-2021-30884
cvssv3.1 4.7 https://nvd.nist.gov/vuln/detail/CVE-2021-30884
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30884.json
https://api.first.org/data/v1/epss?cve=CVE-2021-30884
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30818
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30823
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30846
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30851
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30884
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30888
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30889
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45481
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45483
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://support.apple.com/en-us/HT212814
https://support.apple.com/en-us/HT212815
https://support.apple.com/en-us/HT212819
https://support.apple.com/kb/HT212869
http://www.openwall.com/lists/oss-security/2021/12/20/6
2034378 https://bugzilla.redhat.com/show_bug.cgi?id=2034378
cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
CVE-2021-30884 https://nvd.nist.gov/vuln/detail/CVE-2021-30884
GLSA-202202-01 https://security.gentoo.org/glsa/202202-01
RHSA-2022:1777 https://access.redhat.com/errata/RHSA-2022:1777
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30884.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2021-30884
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2021-30884
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2021-30884
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.3544
EPSS Score 0.00141
Published At May 10, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.