High severity7.8NVD Advisory· Published Dec 23, 2021· Updated Jun 17, 2026
CVE-2018-4302
CVE-2018-4302
Description
A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
104+ 1 more
- (no CPE)range: 4
- (no CPE)range: unspecified
- Range: 12.7
11+ 1 more
- (no CPE)range: 11
- (no CPE)range: unspecified
- Range: 10.13
7.0+ 1 more
- (no CPE)range: 7.0
- (no CPE)range: unspecified
- Range: unspecified
- Range: unspecified
Patches
Vulnerability mechanics
References
5- support.apple.com/en-us/HT208112nvdVendor Advisory
- support.apple.com/en-us/HT208115nvdVendor Advisory
- support.apple.com/en-us/HT208141nvdVendor Advisory
- support.apple.com/en-us/HT208142nvdVendor Advisory
- support.apple.com/en-us/HT208144nvdVendor Advisory
News mentions
0No linked articles in our index yet.