Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2018-4438
HistoryApr 03, 2019 - 12:00 a.m.

CVE-2018-4438

2019-04-0300:00:00
ubuntu.com
ubuntu.com
11

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.439 Medium

EPSS

Percentile

97.4%

JSON

A logic issue existed resulting in memory corruption. This was addressed
with improved state management. This issue affected versions prior to iOS
12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for
Windows, iCloud for Windows 7.9.

Notes

Author Note
jdstrand webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchwebkit2gtk< 2.22.4-0ubuntu0.18.04.1UNKNOWN
ubuntu18.10noarchwebkit2gtk< 2.22.4-0ubuntu0.18.10.1UNKNOWN

Related

packetstorm 1
nvd 1
cve 1
checkpoint_advisories 1
prion 1
cvelist 1
osv 1
zdt 1
debiancve 1
openvas 9
nessus 10
myhack58 1
suse 3
apple 12
kaspersky 1
googleprojectzero 1
packetstorm
packetstorm
WebKit JIT Proxy Object Issue
2018-12-12 00:00:00
nvd
nvd
CVE-2018-4438
2019-04-03 18:29:15
cve
cve
CVE-2018-4438
2019-04-03 18:29:15
checkpoint_advisories
checkpoint_advisories
Apple Webkit Memory Corruption (CVE-2018-4438)
2020-03-16 00:00:00
prion
prion
Memory corruption
2019-04-03 18:29:00
cvelist
cvelist
CVE-2018-4438
2019-04-03 17:43:19
osv
osv
CVE-2018-4438
2019-04-03 18:29:15
zdt
zdt
WebKit JIT - Int32/Double Arrays can have Proxy Objects in the Prototype Chains Exploit
2018-12-13 00:00:00
debiancve
debiancve
CVE-2018-4438
2019-04-03 18:29:15
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2019:0146-1)
2021-04-19 00:00:00
openSUSE: Security Advisory for webkit2gtk3 (openSUSE-SU-2019:0108-1)
2019-02-01 00:00:00
Apple iCloud Security Updates (HT209346) - Windows
2018-12-06 00:00:00
nessus
nessus
Apple Safari < 12.0.2 Multiple Vulnerabilities
2019-04-08 00:00:00
openSUSE Security Update : webkit2gtk3 (openSUSE-2019-108)
2019-02-01 00:00:00
SUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2019:0146-1)
2019-01-24 00:00:00
myhack58
myhack58
In-depth exploration found in the wild iOS exploit chain VI-vulnerability warning-the black bar safety net
2019-09-17 00:00:00
suse
suse
Security update for webkit2gtk3 (important)
2019-01-31 00:00:00
Security update for webkit2gtk3 (moderate)
2019-03-08 00:00:00
Security update for webkit2gtk3 (important)
2019-01-23 00:00:00
apple
apple
About the security content of iCloud for Windows 7.9 - Apple Support
2019-01-23 09:35:36
About the security content of iCloud for Windows 7.9
2018-12-05 00:00:00
About the security content of iTunes 12.9.2 for Windows
2018-12-05 00:00:00
kaspersky
kaspersky
KLA11384 Multiple vulnerabilities in Apple iTunes
2018-12-12 00:00:00
googleprojectzero
googleprojectzero
JSC Exploits
2019-08-29 00:00:00

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.439 Medium

EPSS

Percentile

97.4%

JSON
Related for UB:CVE-2018-4438
packetstorm1nvd1cve1checkpoint_advisories1prion1cvelist1osv1zdt1debiancve1openvas9nessus10myhack581suse3apple12kaspersky1googleprojectzero1