Unrated severityCISA KEVNVD Advisory· Published Apr 2, 2021· Updated Oct 21, 2025

CVE-2021-1879

Description

This issue was addressed by improved management of object lifetimes. This issue is fixed in iOS 12.5.2, iOS 14.4.2 and iPadOS 14.4.2, watchOS 7.3.3. Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been actively exploited..

Affected products

Apple Inc./watchOSv5
Range: unspecified
Apple/iOSv5
Range: unspecified
Apple/iOS and iPadOSv5
Range: unspecified

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.apple.com/en-us/HT212256mitrex_refsource_MISC
support.apple.com/en-us/HT212257mitrex_refsource_MISC
support.apple.com/en-us/HT212258mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.120
patch	0.000
ransomware	0.000