Published: 03/04/2018 Updated: 09/11/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

An issue exists in certain Apple products. iOS prior to 11.3 is affected. Safari prior to 11.1 is affected. iCloud prior to 7.4 on Windows is affected. iTunes prior to 12.7.4 on Windows is affected. watchOS prior to 4.3 is affected. The issue involves the fetch API in the "WebKit" component. It allows remote malicious users to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple safari
apple iphone os
apple watchos
apple icloud
apple itunes
webkitgtk webkitgtk\\+
redhat enterprise linux server 6.0
canonical ubuntu linux 16.04
debian debian linux 9.0
redhat enterprise linux desktop 6.0
redhat enterprise linux workstation 6.0
canonical ubuntu linux 17.10

Synopsis Important: chromium-browser security update Type/Severity Security Advisory: Important Topic An update for chromium-browser is now available for Red Hat Enterprise Linux 6 SupplementaryRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability S ...

Several security issues were fixed in WebKitGTK+ ...

Several vulnerabilities have been discovered in the chromium web browser CVE-2018-4117 AhsanEjaz discovered an information leak CVE-2018-6044 Rob Wu discovered a way to escalate privileges using extensions CVE-2018-6150 Rob Wu discovered an information disclosure issue (this problem was fixed in a previous release but was mistak ...

An issue was discovered in certain Apple products iOS before 113 is affected Safari before 111 is affected iCloud before 74 on Windows is affected iTunes before 1274 on Windows is affected watchOS before 43 is affected The issue involves the fetch API in the "WebKit" component It allows remote attackers to bypass the Same Origin Policy ...

CWE-200 https://support.apple.com/HT208697 https://support.apple.com/HT208696 https://support.apple.com/HT208695 https://support.apple.com/HT208694 https://support.apple.com/HT208693 http://www.securitytracker.com/id/1040604 https://usn.ubuntu.com/3635-1/https://www.debian.org/security/2018/dsa-4256 http://www.securityfocus.com/bid/104887 https://access.redhat.com/errata/RHSA-2018:2282 https://security.gentoo.org/glsa/201808-04 https://security.gentoo.org/glsa/201808-01 https://access.redhat.com/errata/RHSA-2018:2282 https://usn.ubuntu.com/3635-1/https://nvd.nist.gov

CVE-2018-4117

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect