CVE-2021-30897

Summary

An issue existed in the specification for the resource timing API. The specification was updated and the updated specification was implemented. This issue is fixed in macOS Monterey 12.0.1. A malicious website may exfiltrate data cross-origin.

Affected Software

VendorProductVersion RangeStatus
ApplemacOSunspecified < 12.0affected

Weaknesses

  • A malicious website may exfiltrate data cross-origin

ADP Enrichment

CVE Program Container

Additional References

References