CVE-2018-4207
8.8
HIGH
CVSS 3.1
EPSS 0.66%
Description
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
How to fix CVE-2018-4207
To remediate CVE-2018-4207, upgrade the affected package to a fixed version below.
- Debian/webkit2gtk—upgrade to 2.22.0-2 or later
Is CVE-2018-4207 being exploited?
Low — EPSS is 0.7%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 2.22.0-2
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH8.8 | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |