CVE-2018-4474

EPSS 0.86%
Veröffentlicht 27.10.2020 20:15:14
Zuletzt bearbeitet 21.11.2024 04:07:27
Quelle product-security@apple.com
Teams Watchlist Login
Unerledigt Login

A memory consumption issue was addressed with improved memory handling. This issue is fixed in iCloud for Windows 7.7, watchOS 5, Safari 12, iOS 12, iTunes 12.9 for Windows, tvOS 12. Unexpected interaction causes an ASSERT failure.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Apple ≫ iCloud SwPlatformwindows Version < 7.7

Apple ≫ iTunes SwPlatformwindows Version < 12.9

Apple ≫ Safari Version < 12

Apple ≫ iPhone OS Version < 12.0

Apple ≫ tvOS Version < 12

Apple ≫ watchOS Version < 5.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.86%	0.73

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

https://support.apple.com/en-us/HT209106

Vendor Advisory

https://support.apple.com/en-us/HT209107

Vendor Advisory

https://support.apple.com/en-us/HT209108

Vendor Advisory

https://support.apple.com/en-us/HT209109

Vendor Advisory

https://support.apple.com/en-us/HT209140

Vendor Advisory

https://support.apple.com/en-us/HT209141

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2018-4474

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-4474

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-4474

EUVD