CVE-2018-4371

HIGH

Apple Iphone OS < 12.1 - Out-of-Bounds Read

Title source: rule

Description

An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.

References (4)

Core 4

Core References

Vendor Advisory x_refsource_misc

https://support.apple.com/kb/HT209193

Vendor Advisory x_refsource_misc

https://support.apple.com/kb/HT209192

Vendor Advisory x_refsource_misc

https://support.apple.com/kb/HT209195

Vendor Advisory x_refsource_misc

https://support.apple.com/kb/HT209194

Scores

CVSS v3 7.8

EPSS 0.0024

EPSS Percentile 47.6%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-125

Status published

Products (4)

apple/iphone_os < 12.1

apple/mac_os_x < 10.14.1

apple/tvos < 12.1

apple/watchos < 5.1

Published Apr 03, 2019

Tracked Since Feb 18, 2026