Unrated severityNVD Advisory· Published Apr 3, 2019· Updated Aug 5, 2024

CVE-2018-4319

Description

A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

Affected products

osv-coords19 versions
pkg:rpm/opensuse/gtk3&distro=openSUSE%20Tumbleweed pkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.0 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Enterprise%20Storage%204 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP4 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%207
< 2.32.4-1.1+ 18 more
- (no CPE)range: < 2.32.4-1.1
- (no CPE)range: < 2.22.5-lp150.2.9.1
- (no CPE)range: < 2.22.4-2.29.3
- (no CPE)range: < 2.22.4-2.29.3
- (no CPE)range: < 2.22.4-2.29.3
- (no CPE)range: < 2.22.5-3.13.1
- (no CPE)range: < 2.22.5-3.13.1
- (no CPE)range: < 2.22.4-2.29.3
- (no CPE)range: < 2.22.4-2.29.3
- (no CPE)range: < 2.22.4-2.29.3
- (no CPE)range: < 2.22.4-2.29.3
- (no CPE)range: < 2.22.4-2.29.3
- (no CPE)range: < 2.22.4-2.29.3
- (no CPE)range: < 2.22.4-2.29.3
- (no CPE)range: < 2.22.4-2.29.3
- (no CPE)range: < 2.22.4-2.29.3
- (no CPE)range: < 2.22.4-2.29.3
- (no CPE)range: < 2.22.4-2.29.3
- (no CPE)range: < 2.22.4-2.29.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.apple.com/kb/HT209106mitrex_refsource_MISC
support.apple.com/kb/HT209108mitrex_refsource_MISC
support.apple.com/kb/HT209109mitrex_refsource_MISC
support.apple.com/kb/HT209140mitrex_refsource_MISC
support.apple.com/kb/HT209141mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000