CVE-2021-30884: 
Rocky Linux vulnerability analysis and mitigation

CVE-2021-30884 is a security vulnerability affecting WebKit, discovered and fixed in 2021. The vulnerability impacts multiple Apple operating systems including tvOS 15, watchOS 8, iOS 15, iPadOS 15, and macOS Monterey. When exploited, this vulnerability allows malicious websites to reveal a user's browsing history through CSS compositing techniques (Apple Support, WebKit Advisory).

The vulnerability exists in WebKit's CSS compositing implementation. The issue was resolved by implementing additional restrictions on CSS compositing functionality. The vulnerability has been assigned a CVSS v3.1 base score of 4.7 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N, indicating it is a network-exploitable vulnerability requiring user interaction (NVD).

The primary impact of this vulnerability is the potential exposure of a user's browsing history. When a user visits a maliciously crafted website, the attacker can exploit CSS compositing features to extract information about the user's browsing history, compromising their privacy (Apple Support, WebKit Advisory).

Apple has addressed this vulnerability by implementing additional restrictions on CSS compositing in the following software updates: tvOS 15, watchOS 8, iOS 15, iPadOS 15, and macOS Monterey. Users are advised to update their devices to these versions or later to protect against this vulnerability (Apple Support, WebKit Advisory).