CVE-2018-4445

MEDIUM

Safari < 12.0.2 and iPhone OS < 12.1.1 - Unauthorized Exposure of Sensitive Browsing History

Title source: llm
STIX 2.1

Description

"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2.

References (2)

Core 2
Core References
Vendor Advisory x_refsource_misc
https://support.apple.com/kb/HT209340
Vendor Advisory x_refsource_misc
https://support.apple.com/kb/HT209344

Scores

CVSS v3 4.3
EPSS 0.0060
EPSS Percentile 44.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Details

CWE
CWE-200
Status published
Products (2)
apple/iphone_os < 12.1.1
apple/safari < 12.0.2
Published Apr 03, 2019
Tracked Since Feb 18, 2026