CVE-2018-4278 — Apple Icloud vulnerability
11 documents7 sources
Severity
4.3MEDIUMNVD
EPSS
0.7%
top 29.07%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 11
Latest updateMay 13
Description
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4
Affected Packages5 packages
Also affects: Ubuntu Linux 16.04, 18.04