CVE-2018-4445: Infoleak
First published: Wed Dec 05 2018(Updated: )
"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2.
Credit: William Breuer William Breuer product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple Safari | <12.0.2 | |
| Apple iPhone OS | <12.1.1 | |
| Apple iOS | <12.1.1 | 12.1.1 |
| Apple Safari | <12.0.2 | 12.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is the vulnerability ID for this issue with Safari?
The vulnerability ID for this issue with Safari is CVE-2018-4445.
What is the severity of CVE-2018-4445?
The severity of CVE-2018-4445 is medium (4.3).
What is the affected software for CVE-2018-4445?
The affected software for CVE-2018-4445 includes versions prior to iOS 12.1.1 and Safari 12.0.2.
How does CVE-2018-4445 impact Safari users?
CVE-2018-4445 allows the history to not be cleared properly when using the "Clear History and Website Data" feature in Safari.
How can I fix CVE-2018-4445?
To fix CVE-2018-4445, update to iOS 12.1.1 or later, and Safari 12.0.2 or later.
- collector/nvd-index
- collector/apple-support
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/software-canonical-lookup-request
- agent/references
- agent/author
- agent/severity
- agent/weakness
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/apple
- canonical/apple safari
- canonical/apple iphone os
- canonical/apple ios