CVE-2018-4438
8.8
HIGH
CVSS 3.1
EPSS 22.6%
Description
A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
How to fix CVE-2018-4438
To remediate CVE-2018-4438, upgrade the affected package to a fixed version below.
- Debian/webkit2gtk—upgrade to 2.22.3-1 or later
Is CVE-2018-4438 being exploited?
Moderate — EPSS is 22.6%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 2.22.3-1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH8.8 | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |