CVE-2018-4395Improper Input Validation in Apple Tvos

CWE-20Improper Input Validation7 documents3 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 79.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Apple Iphone OSApple MAC OS XApple Tvos+5 more
Timeline
PublishedApr 3
Latest updateMay 14

Description

This issue was addressed with improved checks. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages9 packages

Appleapple/macos_mojave10.14
NVDapple/tvos< 12
NVDapple/watchos< 5.0
NVDapple/mac_os_x< 10.14

🔴Vulnerability Details

1
GHSA
GHSA-6h5r-5mhw-h4xr: This issue was addressed with improved checks2022-05-14

📋Vendor Advisories

5
Apple
CVE-2018-4395: macOS Mojave 10.14.1, Security Update 2018-002 High Sierra, Security Update 2018-005 Sierra2018-10-30
Apple
CVE-2018-4395: macOS Mojave 10.142018-09-24
Apple
CVE-2018-4395: tvOS 122018-09-17
Apple
CVE-2018-4395: iOS 122018-09-17
Apple
CVE-2018-4395: watchOS 52018-09-17