CVE-2019-8518
First published: Mon Mar 25 2019(Updated: )
Last updated 24 July 2024
Credit: dwfault ADLab of VenustechSamuel Groß Google Project ZeroApple G. Geshev Trend Micro Zero Day Initiativefound by OSS-Fuzz product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/webkit2gtk | 2.44.2-1~deb11u1 2.46.4-1~deb11u1 2.46.0-2~deb12u1 2.46.4-1~deb12u1 2.46.4-1 | |
| tvOS | <12.2 | 12.2 |
| Apple Mobile Safari | <12.1 | 12.1 |
| Apple iOS, iPadOS, and watchOS | <12.2 | 12.2 |
| Apple iOS, iPadOS, and watchOS | <5.2 | 5.2 |
| Apple iCloud | <7.11 | 7.11 |
| iTunes | <12.9.4 | 12.9.4 |
| iCloud for Windows | <7.11 | |
| iTunes | <12.9.4 | |
| Apple Mobile Safari | <12.1 | |
| iStyle @cosme iPhone OS | <12.2 | |
| tvOS | <12.2 | |
| Apple iOS, iPadOS, and watchOS | <5.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT209603 (Advisory)
- https://support.apple.com/en-us/HT209605 (Advisory)
- https://support.apple.com/en-us/HT209604 (Advisory)
- https://support.apple.com/HT209599
- https://support.apple.com/HT209601
- https://support.apple.com/HT209602
- https://support.apple.com/HT209603
- https://support.apple.com/HT209604
- https://support.apple.com/HT209605
- https://launchpad.net/bugs/cve/CVE-2019-8518
- https://support.apple.com/en-us/HT209602 (Advisory)
- https://support.apple.com/en-us/HT209601 (Advisory)
- https://support.apple.com/en-us/HT209599 (Advisory)
- https://webkitgtk.org/security/WSA-2019-0002.html
- https://security-tracker.debian.org/tracker/CVE-2019-8518
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8518
- https://nvd.nist.gov/vuln/detail/CVE-2019-8518
- https://ubuntu.com/security/CVE-2019-8518
Parent vulnerabilities
(Appears in the following advisories)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2019-6203
- CVE-2019-8516
- CVE-2019-8552
- CVE-2019-8542
- CVE-2019-8906
- CVE-2019-7286
- CVE-2019-8553
- CVE-2019-8545
- CVE-2019-5608
- CVE-2019-8547
- CVE-2019-8525
- CVE-2019-8527
- CVE-2019-8528
- CVE-2019-8540
- CVE-2019-8514
- CVE-2019-7293
- CVE-2019-6207
- CVE-2019-8510
- CVE-2019-8532
- CVE-2019-8549
- CVE-2019-8618
- CVE-2019-8531
- CVE-2019-8502
- CVE-2019-8517
- CVE-2019-8551
- CVE-2019-8535
- CVE-2019-6201
- CVE-2019-8518
- CVE-2019-8523
- CVE-2019-8524
- CVE-2019-8558
- CVE-2019-8559
- CVE-2019-8563
- CVE-2019-8638
- CVE-2019-8639
- CVE-2019-8562
- CVE-2019-8515
- CVE-2019-8536
- CVE-2019-8544
- CVE-2019-7285
- CVE-2019-8556
- CVE-2019-8506
- CVE-2019-8503
- CVE-2019-7292
- CVE-2019-8530
- CVE-2019-6204
- CVE-2019-8505
- CVE-2019-8538
- CVE-2019-8511
- CVE-2019-8512
- CVE-2019-8550
- CVE-2019-8565
- CVE-2019-8521
- CVE-2019-8504
- CVE-2019-8529
- CVE-2019-7284
- CVE-2019-8546
- CVE-2019-8541
- CVE-2019-8566
- CVE-2019-8554
- CVE-2019-6222
- CVE-2019-8567
- CVE-2019-8548
- CVE-2019-6232
- CVE-2019-6236
Frequently Asked Questions
What is the severity of CVE-2019-8518?
The severity of CVE-2019-8518 is critical.
How is CVE-2019-8518 fixed?
CVE-2019-8518 is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11.
What is the risk of processing maliciously crafted web content in relation to CVE-2019-8518?
Processing maliciously crafted web content may lead to arbitrary code execution.
Which software versions are affected by CVE-2019-8518?
CVE-2019-8518 affects iOS up to but not including 12.2, tvOS up to but not including 12.2, watchOS up to but not including 5.2, Safari up to but not including 12.1, iTunes for Windows up to but not including 12.9.4, and iCloud for Windows up to but not including 7.11.
Where can I find more information about CVE-2019-8518?
You can find more information about CVE-2019-8518 at the following references: [Reference 1](https://support.apple.com/en-us/HT209599), [Reference 2](https://support.apple.com/en-us/HT209601), [Reference 3](https://support.apple.com/HT209599).
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/weakness
- agent/severity
- collector/mitre-cve
- source/MITRE
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/description
- agent/event
- collector/security-tracker-debian
- source/Debian
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/trending
- agent/source
- collector/apple-support
- alias/CVE-2019-8518
- alias/CVE-2019-8523
- alias/CVE-2019-8524
- alias/CVE-2019-8558
- alias/CVE-2019-8559
- alias/CVE-2019-8563
- alias/CVE-2019-8638
- alias/CVE-2019-8639
- agent/software-canonical-lookup-request
- agent/author
- agent/softwarecombine
- agent/tags
- collector/nvd-cve
- source/NVD
- collector/nvd-index
- package-manager/debian
- vendor/apple
- canonical/tvos
- canonical/apple mobile safari
- canonical/apple ios, ipados, and watchos
- canonical/apple icloud
- canonical/itunes
- canonical/icloud for windows
- canonical/istyle @cosme iphone os