CVE-2018-4266 — Race Condition in Apple Icloud

CWE-362 — Race Condition12 documents7 sources

Severity

5.9MEDIUMNVD

EPSS

0.8%

top 26.78%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Icloud Apple Iphone OS Apple Itunes +3 more

Timeline

PublishedApr 3

Latest updateMay 14

Description

A race condition was addressed with additional validation. This issue affected versions prior toiVersions prior to: OS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.2 | Impact: 3.6

Affected Packages6 packages

▶NVDapple/tvos< 11.4.1

▶NVDapple/icloud< 7.6

▶NVDapple/itunes< 12.8

▶NVDapple/safari< 11.1.2

▶NVDapple/watchos< 4.3.2

🔴Vulnerability Details

GHSA

GHSA-fvcx-grrr-x536: A race condition was addressed with additional validation↗2022-05-14

▶

CVEList

CVE-2018-4266: A race condition was addressed with additional validation↗2019-04-03

▶

OSV

CVE-2018-4266: A race condition was addressed with additional validation↗2019-04-03

▶

📋Vendor Advisories

Ubuntu

WebKitGTK+ vulnerabilities↗2018-08-16

▶

Apple

CVE-2018-4266: iCloud for Windows 7.6↗2018-07-09

▶

Apple

CVE-2018-4266: tvOS 11.4.1↗2018-07-09

▶

Apple

CVE-2018-4266: iOS 11.4.1↗2018-07-09

▶

Apple

CVE-2018-4266: iTunes 12.8 for Windows↗2018-07-09

▶