CVE-2018-4254Improper Input Validation in Apple Macos High Sierra 10.13.5 Security Update 2018-003 Sierra Security Update 2018-0

CWE-20Improper Input Validation3 documents3 sources
Severity
9.8CRITICALNVD
EPSS
0.4%
top 36.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MAC OS XApple Macos High Sierra 10.13.5 Security Update 2018-003 Sierra Security Update 2018-0
Timeline
PublishedJan 11
Latest updateMay 14

Description

In macOS High Sierra before 10.13.5, an input validation issue existed in the kernel. This issue was addressed with improved input validation.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

NVDapple/mac_os_x< 10.13.5

🔴Vulnerability Details

1
GHSA
GHSA-5g32-q9gv-9xh4: In macOS High Sierra before 102022-05-14

📋Vendor Advisories

1
Apple
CVE-2018-4254: macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan2018-06-01