CVE-2018-4277 — Improper Input Validation in Apple

Vendor	Product	Version range	Fixed in
apple	ios	—	—
apple	iphone_os	< 11.4.1	11.4.1
apple	mac_os_x	< 10.13.6	10.13.6
apple	macos_high_sierra_10.13.6_security_update_2018-004_sierra_security_update_2018-0	—	—
apple	safari	< 11.1.1	11.1.1
apple	safari	—	—
apple	tvos	< 11.4.1	11.4.1
apple	tvos	—	—
apple	watchos	< 4.3.2	4.3.2
apple	watchos	—	—

Apple

CVE-2018-4277: macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan

vendor_apple·2018-07-09·CVSS 7.5

CVE-2018-4277 [HIGH] CVE-2018-4277: macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan Apple Security Update: About the security content of macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan Product: macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan CVE: CVE-2018-4277 Component: LinkPresentation Impact: Visiting a malicious website may lead to address bar spoofing Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.

Apple

CVE-2018-4277: iOS 11.4.1

vendor_apple·2018-07-09·CVSS 7.5

CVE-2018-4277 [HIGH] CVE-2018-4277: iOS 11.4.1 Apple Security Update: About the security content of iOS 11.4.1 Product: iOS Version: 11.4.1 CVE: CVE-2018-4277 Component: LinkPresentation Impact: Visiting a malicious website may lead to address bar spoofing Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.

Apple

CVE-2018-4277: watchOS 4.3.2

vendor_apple·2018-07-09·CVSS 7.5

CVE-2018-4277 [HIGH] CVE-2018-4277: watchOS 4.3.2 Apple Security Update: About the security content of watchOS 4.3.2 Product: watchOS Version: 4.3.2 CVE: CVE-2018-4277 Component: LinkPresentation Impact: Visiting a malicious website may lead to address bar spoofing Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.

Apple

CVE-2018-4277: tvOS 11.4.1

vendor_apple·2018-07-09·CVSS 7.5

CVE-2018-4277 [HIGH] CVE-2018-4277: tvOS 11.4.1 Apple Security Update: About the security content of tvOS 11.4.1 Product: tvOS Version: 11.4.1 CVE: CVE-2018-4277 Component: LinkPresentation Impact: Visiting a malicious website may lead to address bar spoofing Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.

Apple

CVE-2018-4277: Safari 11.1.1

vendor_apple·2018-06-01·CVSS 7.5

CVE-2018-4277 [HIGH] CVE-2018-4277: Safari 11.1.1 Apple Security Update: About the security content of Safari 11.1.1 Product: Safari Version: 11.1.1 CVE: CVE-2018-4277 Component: WebKit Impact: Visiting a malicious website may lead to address bar spoofing Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.

GHSA

GHSA-83rq-ppqv-95c6: In iOS before 11

ghsa_unreviewed·2022-05-13

CVE-2018-4277 [HIGH] CWE-20 GHSA-83rq-ppqv-95c6: In iOS before 11 In iOS before 11.4.1, watchOS before 4.3.2, tvOS before 11.4.1, Safari before 11.1.1, macOS High Sierra before 10.13.6, a spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.

CVE-2018-4277: In iOS before 11.4.1, watchOS before 4.3.2, tvOS before 11.4.1, Safari before 11.1.1, macOS High Sierra before 10.13.6, a spoofing issue existed in the…

Affected

CVSS provenance