Apple Safari vulnerabilities

CVE-2018-4195 [MEDIUM] CWE-20 CVE-2018-4195: An inconsistent user interface issue was addressed with improved state management. This issue affect An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 12.

CVE-2018-4279 [MEDIUM] CWE-20 CVE-2018-4279: An inconsistent user interface issue was addressed with improved state management. This issue affect An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 11.1.2.

CVE-2018-4377 [MEDIUM] CWE-79 CVE-2018-4377: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validatio A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.

CVE-2018-4409 [MEDIUM] CWE-400 CVE-2018-4409: A resource exhaustion issue was addressed with improved input validation. This issue affected versio A resource exhaustion issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.

CVE-2018-4362 [MEDIUM] CWE-20 CVE-2018-4362: An inconsistent user interface issue was addressed with improved state management. This issue affect An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 11.1.2, iOS 12.

CVE-2018-4374 [MEDIUM] CWE-79 CVE-2018-4374: A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1 A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.

CVE-2018-4445 [MEDIUM] CWE-200 CVE-2018-4445: "Clear History and Website Data" did not clear the history. The issue was addressed with improved da "Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2.

CVE-2018-4440 [MEDIUM] CWE-20 CVE-2018-4440: A logic issue was addressed with improved state management. This issue affected versions prior to iO A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.

CVE-2018-4273 [MEDIUM] CWE-119 CVE-2018-4273: Multiple memory corruption issues were addressed with improved input validation. This issue affected Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

CVE-2018-4260 [MEDIUM] CWE-20 CVE-2018-4260: An inconsistent user interface issue was addressed with improved state management. This issue affect An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to iOS 11.4.1, Safari 11.1.2.

CVE-2018-4266 [MEDIUM] CWE-362 CVE-2018-4266: A race condition was addressed with additional validation. This issue affected versions prior toiVer A race condition was addressed with additional validation. This issue affected versions prior toiVersions prior to: OS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

CVE-2018-4271 [MEDIUM] CWE-119 CVE-2018-4271: Multiple memory corruption issues were addressed with improved input validation. This issue affected Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

CVE-2018-4309 [MEDIUM] CWE-79 CVE-2018-4309: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validatio A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

CVE-2018-4270 [MEDIUM] CWE-119 CVE-2018-4270: A memory corruption issue was addressed with improved memory handling. This issue affected versions A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

CVE-2018-4439 [MEDIUM] CWE-20 CVE-2018-4439: A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1 A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.

CVE-2019-6215 [HIGH] CWE-843 CVE-2019-6215: A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1. A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-6227 [HIGH] CWE-787 CVE-2019-6227: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12 A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-6217 [HIGH] CWE-787 CVE-2019-6217: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-6233 [HIGH] CWE-787 CVE-2019-6233: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12 A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-6226 [HIGH] CWE-787 CVE-2019-6226: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.