First published: Tue Oct 30 2018(Updated: )
Safari Reader. A logic issue was addressed with improved validation.
Credit: Ryan Pickren (ryanpickren.com) Ryan Pickren (ryanpickren.com) Ryan Pickren (ryanpickren.com) Ryan Pickren (ryanpickren.com) Ryan Pickren (ryanpickren.com) product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iCloud for Windows | <7.8 | 7.8 |
Apple iTunes for Windows | <12.9.1 | 12.9.1 |
Apple Safari | <12.0.1 | 12.0.1 |
Apple watchOS | <5.1 | 5.1 |
Apple iOS | <12.1 | 12.1 |
Apple Safari | <12.0.1 | |
Apple iPhone OS | <12.1 | |
Apple watchOS | <5.1 | |
Apple iCloud | <7.8 | |
Apple iTunes | <12.9.1 | |
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2018-4374 is a logic issue in Safari Reader that was addressed with improved validation.
Versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, and iCloud for Windows 7.8 are affected by CVE-2018-4374.
CVE-2018-4374 has a severity rating of 6.1 out of 10, classified as medium.
To fix CVE-2018-4374, update to iOS 12.1 or later, watchOS 5.1 or later, Safari 12.0.1 or later, iTunes 12.9.1 or later, and iCloud for Windows 7.8 or later.
You can find more information about CVE-2018-4374 in the official Apple support articles: [Article 1](https://support.apple.com/kb/HT209192), [Article 2](https://support.apple.com/kb/HT209195), [Article 3](https://support.apple.com/kb/HT209196).