CVE-2018-4305Improper Input Validation in Apple Tvos

CWE-20Improper Input Validation6 documents4 sources
Severity
6.5MEDIUMNVD
EPSS
0.1%
top 75.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Apple Iphone OSApple TvosApple Watchos+2 more
Timeline
PublishedApr 3
Latest updateMay 14

Description

An input validation issue was addressed with improved input validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5.

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages6 packages

NVDapple/tvos< 12
NVDapple/watchos< 5.0
Appleapple/tvos12
NVDapple/iphone_os< 12.0

🔴Vulnerability Details

1
GHSA
GHSA-65hx-hqm8-r3mr: An input validation issue was addressed with improved input validation2022-05-14

📋Vendor Advisories

3
Apple
CVE-2018-4305: tvOS 122018-09-17
Apple
CVE-2018-4305: iOS 122018-09-17
Apple
CVE-2018-4305: watchOS 52018-09-17

💬Community

1
Bugzilla
CVE-2018-17540 strongswan: heap buffer overflow using crafted certificates2018-10-03