Vulnerability Description
A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, Safari 11.1.2.
CVSS Score
7.5
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Safari | < 11.1.2 |
| Apple | Iphone Os | < 11.4.1 |
Related Weaknesses (CWE)
References
- https://support.apple.com/kb/HT208934Vendor Advisory
- https://support.apple.com/kb/HT208938Vendor Advisory
- https://support.apple.com/kb/HT208934Vendor Advisory
- https://support.apple.com/kb/HT208938Vendor Advisory
FAQ
What is CVE-2018-4274?
CVE-2018-4274 is a vulnerability with a CVSS score of 7.5 (HIGH). A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, Safari 11.1.2.
How severe is CVE-2018-4274?
CVE-2018-4274 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-4274?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Safari, Apple Iphone Os.