{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-13T04:24:29.080","vulnerabilities":[{"cve":{"id":"CVE-2021-46841","sourceIdentifier":"product-security@apple.com","published":"2023-02-27T20:15:11.233","lastModified":"2025-03-11T18:15:25.263","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.5.0 for Android. An attacker in a privileged network position can track a user's activity."},{"lang":"es","value":"Este problema se solucionó mediante el uso de HTTPS al enviar información a través de la red. Se soluciona en la versión 3.5.0 de Apple Music para Android. Un atacante en una posición privilegiada en la red puede rastrear la actividad de un usuario."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apple:music:3.5.0:*:*:*:*:android:*:*","matchCriteriaId":"89168BB2-EFAA-4793-B9F1-32A30AFF4462"}]}]}],"references":[{"url":"https://support.apple.com/en-us/HT213472","source":"product-security@apple.com","tags":["Vendor Advisory"]},{"url":"https://support.apple.com/en-us/HT213472","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}