Being able to "arbitrarily" run code on an otherwise fully patched and updated computer is the stuff of nightmares for security people, so it's no surprise to see that this vulnerability has been patched on iOS, iPadOS, macOS, watchOS and in Safari for both macOS Cataline and Mojave as well.
The problem was found by Clément Lecigne of Google's Threat Analysis Group and Allison Huffman of Microsoft Browser Vulnerability Research, with the CVE number being CVE-2021-1844.
Apple's support page describes the security content, which appears to be identical for each platform.
The vulnerability is listed as being in WebKit, with the impact being "processing maliciously crafter web content may lead to arbitrary code execution", and the description being "a memory corruption issue was addressed with improved validation".
So, as with the vast majority of updates, especially when they are point updates to existing versions rather than brand new and major .0 updates like from version 13 to 14, it's important to update your devices so that they don't fall prey to hackers infecting web pages with malicious code.
It's the reason why there are security updates for most modern connected devices, and why older devices that don't have updates aren't safe to use anymore.
The size of the updates will vary by device, but on my Apple Watch Series 6, the update to watchOS 7.3.2 is 56.7MB in size. On my iPhone 12 Pro Max, the update to iOS 14.4.1 is 143.6MB.
On a 2020 MacBook Air with M1 processor, the update to macOS Big Sur is 2.44GB, which is the same size on a 2019 MacBook Pro.
On a 2020 iPad Air 4th-generation, the update is 123.2MB in size.
I'm about to restart all of my Apple devices, after having downloaded the updates, so, update away without delay to keep those nasty bugs at bay. Olé!