{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T19:32:01.532","vulnerabilities":[{"cve":{"id":"CVE-2021-33595","sourceIdentifier":"cve-notifications-us@f-secure.com","published":"2021-08-11T11:15:09.203","lastModified":"2024-11-21T06:09:09.977","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A address bar spoofing vulnerability was discovered in Safe Browser for iOS. Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. A remote attacker can leverage this to perform address bar spoofing attack."},{"lang":"es","value":"Se ha detectado una vulnerabilidad de suplantación de la barra de direcciones en Safe Browser para iOS. Se muestra la URL legítima en la barra de direcciones mientras se carga el contenido de otro dominio. Esto hace creer al usuario que el contenido es servido por un dominio legítimo. Un atacante remoto puede aprovechar esto para llevar a cabo un ataque de falsificación de la barra de direcciones"}],"metrics":{"cvssMetricV31":[{"source":"cve-notifications-us@f-secure.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","baseScore":3.5,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","baseScore":3.5,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f-secure:safe:*:*:*:*:*:iphone_os:*:*","versionEndExcluding":"18.4.272901","matchCriteriaId":"0D793BD2-1CBF-492B-823B-F8CB0FF45476"}]}]}],"references":[{"url":"https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame","source":"cve-notifications-us@f-secure.com","tags":["Vendor Advisory"]},{"url":"https://www.f-secure.com/en/business/support-and-downloads/security-advisories","source":"cve-notifications-us@f-secure.com","tags":["Vendor Advisory"]},{"url":"https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-33595","source":"cve-notifications-us@f-secure.com","tags":["Vendor Advisory"]},{"url":"https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.f-secure.com/en/business/support-and-downloads/security-advisories","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-33595","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}