VYPR
← All advisories
Unrated severityNVD Advisory· Published Sep 8, 2021· Updated Aug 3, 2024

CVE-2021-30690

CVE-2021-30690

Description

Apache in macOS Mojave before Security Update 2021-004 had multiple unspecified vulnerabilities that could allow local system termination or kernel memory read.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Apache in macOS Mojave before Security Update 2021-004 had multiple unspecified vulnerabilities that could allow local system termination or kernel memory read.

Vulnerability

Multiple issues exist in the Apache version shipped with macOS Mojave before Security Update 2021-004 (corresponding to Apache 2.4.46). The official advisory [1] states that a logic issue was addressed with improved state management, but does not disclose further technical details about the specific code path or conditions required to trigger these issues.

Exploitation

According to Apple's security content [1], exploitation requires local access to the system. The exact attack vector and sequence of steps are not detailed in the available references, but a local user could trigger the vulnerability.

Impact

A local user may be able to cause unexpected system termination or read kernel memory [1]. This indicates potential for both denial of service (via system termination) and information disclosure (kernel memory read).

Mitigation

The issue is fixed in Security Update 2021-004 Mojave, released on May 24, 2021 [1]. Users should apply the update via macOS Software Update. No workaround other than applying the recommended patch is mentioned.

References
  1. About the security content of Security Update 2021-004 Mojave - Apple Support

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

Patches

0

No patches discovered yet.

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

1

News mentions

0

No linked articles in our index yet.