7.5
CVSSv2

CVE-2018-4281

Published: 11/01/2019 Updated: 24/01/2019
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

In SwiftNIO prior to 1.8.0, a buffer overflow was addressed with improved size validation.

Vulnerability Trend

Affected Products

Vendor Product Versions
AppleSwiftnio1.0.0, 1.0.1, 1.1.0, 1.1.1, 1.2.0, 1.2.1, 1.2.2, 1.3.0, 1.3.1, 1.3.2, 1.4.0, 1.4.1, 1.4.2, 1.4.3, 1.5.0, 1.5.1, 1.5.2, 1.6.0, 1.6.1, 1.6.2, 1.7.0, 1.7.1, 1.7.2, 1.7.3

Vendor Advisories

About Apple security updatesFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security updates page For more information about security, see the Apple Product Security page You can encrypt ...

Mailing Lists

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-06-27-1 SwiftNIO 180 SwiftNIO 180 is now available and addresses the following: SwiftNIO Available for: macOS Sierra 1012 and later, Ubuntu 1404 and later Impact: A remote attacker may be able to overwrite arbitrary memory Description: A buffer overflow was addressed with improv ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-06-27-1 SwiftNIO 180 SwiftNIO 180 is now available and addresses the following: SwiftNIO Available for: macOS Sierra 1012 and later, Ubuntu 1404 and later Impact: A remote attacker may be able to overwrite arbitrary memory Description: A buffer overflow was addressed with improv ...