CVE-2018-4302 vulnerability in Apple Products
Published on December 23, 2021

A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution.

NVD

Products Associated with CVE-2018-4302

Want to know whenever a new CVE is published for Apple products? stack.watch will email you.

Apple iCloud

Apple iTunes

Apple iOS

Apple macOS

Apple watchOS

Affected Versions

Apple iOS:

Version unspecified and below 11 is affected.

Apple watchOS:

Version unspecified and below 4 is affected.

Apple iTunes for Windows:

Version unspecified and below 12.7 is affected.

Apple iCloud for Windows:

Version unspecified and below 7.0 is affected.

Apple macOS:

Version unspecified and below 10.13 is affected.

Exploit Probability

EPSS

0.42%

Percentile

61.77%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-4302 vulnerability in Apple ProductsPublished on December 23, 2021

Products Associated with CVE-2018-4302

Affected Versions

Exploit Probability

CVE-2018-4302 vulnerability in Apple Products
Published on December 23, 2021