4.3

CVE-2018-4278

In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleSafari Version < 11.1.2
AppleiPhone OS Version < 11.4.1
AppletvOS Version < 11.4.1
AppleiCloud Version < 7.6
   MicrosoftWindows
AppleiTunes Version < 12.8
   MicrosoftWindows
CanonicalUbuntu Linux Version16.04 SwEditionlts
CanonicalUbuntu Linux Version18.04 SwEditionlts
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.28% 0.809
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 2.8 1.4
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://security.gentoo.org/glsa/201808-04
Third Party Advisory
https://usn.ubuntu.com/3743-1/
Third Party Advisory
http://www.securitytracker.com/id/1041232
Third Party Advisory
VDB Entry
https://support.apple.com/HT208934%2C
https://support.apple.com/HT208938%2C
https://support.apple.com/HT208932
Vendor Advisory
https://support.apple.com/HT208933%2C
https://support.apple.com/HT208936%2C
https://exchange.xforce.ibmcloud.com/vulnerabilities/146479
Third Party Advisory