This issue was addressed with improved checks. This issue is fixed in Security Update 2021-004 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, Security Update 2021-003 Catalina, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted server messages may lead to heap corruption.
https://support.apple.com/en-us/HT212531
https://support.apple.com/en-us/HT212530
https://support.apple.com/en-us/HT212325
https://support.apple.com/en-us/HT212324