CVE-2021-30661: 
Apple Safari vulnerability analysis and mitigation

CVE-2021-30661 is a use-after-free vulnerability in WebKit Storage that affects multiple Apple products including Safari 14.1, iOS 12.5.3, iOS 14.5, iPadOS 14.5, watchOS 7.4, tvOS 14.5, and macOS Big Sur 11.3. The vulnerability was discovered by yangkang (@dnpushme) of 360 ATA and was disclosed in April 2021. Apple confirmed that this vulnerability was actively exploited in the wild (Apple Support).

The vulnerability is a use-after-free issue in the WebKit Storage component that was addressed with improved memory management. It has been assigned a CVSS v3.1 base score of 8.8 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. The vulnerability is classified as CWE-416 (Use After Free) (NVD).

When exploited, this vulnerability allows processing of maliciously crafted web content to lead to arbitrary code execution. The high severity rating indicates that successful exploitation could result in significant impact to confidentiality, integrity, and availability of the affected systems (Apple Support, NVD).

Apple addressed this vulnerability by releasing security updates across multiple products: Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, and macOS Big Sur 11.3. Users are advised to update to these versions or later to protect against exploitation (Apple Support).