CVE-2018-4116: Input Validation

Reference Links

• https://support.apple.com/en-us/HT208695 (Advisory)
• http://www.securitytracker.com/id/1040606
• https://support.apple.com/HT208695

Parent vulnerabilities

(Appears in the following advisories)

• HT208695

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2018-4102
• CVE-2018-4116
• CVE-2018-4186
• CVE-2018-4137
• CVE-2018-4101
• CVE-2018-4114
• CVE-2018-4118
• CVE-2018-4119
• CVE-2018-4120
• CVE-2018-4121
• CVE-2018-4122
• CVE-2018-4125
• CVE-2018-4127
• CVE-2018-4128
• CVE-2018-4129
• CVE-2018-4130
• CVE-2018-4161
• CVE-2018-4162
• CVE-2018-4163
• CVE-2018-4165
• CVE-2018-4133
• CVE-2018-4113
• CVE-2018-4146
• CVE-2018-4117
• CVE-2018-4207
• CVE-2018-4208
• CVE-2018-4209
• CVE-2018-4210
• CVE-2018-4212
• CVE-2018-4213
• CVE-2018-4145

Frequently Asked Questions

• What is CVE-2018-4116?

  CVE-2018-4116 is a vulnerability found in Safari before version 11.1 that allows remote attackers to spoof the address bar via a crafted website.

• How does CVE-2018-4116 affect Safari?

  CVE-2018-4116 affects Safari versions before 11.1.

• What is the severity of CVE-2018-4116?

  The severity of CVE-2018-4116 is medium with a CVSS score of 6.5.

• How can I fix CVE-2018-4116 in Safari?

  To fix CVE-2018-4116, update Safari to version 11.1 or later.

• Where can I find more information about CVE-2018-4116?

  You can find more information about CVE-2018-4116 on the following references: [SecurityTracker](http://www.securitytracker.com/id/1040606) and [Apple Support](https://support.apple.com/HT208695).