CVE-2018-4361: High severity Apple tvOS vulnerability

Q: What is CVE-2018-4361?

CVE-2018-4361 is a memory consumption issue in WebKit.

Q: What versions are affected by CVE-2018-4361?

Versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7 are affected.

Q: How severe is CVE-2018-4361?

CVE-2018-4361 has a severity rating of 8.8 (high).

Q: How can I fix CVE-2018-4361?

Update to iOS 12 or later, tvOS 12 or later, watchOS 5 or later, Safari 12 or later, iTunes 12.9 for Windows or later, iCloud for Windows 7.7 or later.

Q: Where can I find more information about CVE-2018-4361?

You can find more information about CVE-2018-4361 at the following links: [support.apple.com/HT209106](https://support.apple.com/HT209106), [support.apple.com/HT209107](https://support.apple.com/HT209107), [support.apple.com/HT209108](https://support.apple.com/HT209108).

Published Sep 12, 2018

Updated

A memory consumption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

Other sources

WebKit. A memory consumption issue was addressed with improved memory handling.

Credit

found by OSS-Fuzz

Affected Software

17 affected componentsFixes available

Apple tvOS<12

Apple WatchOS<5

Apple iCloud for Windows<7.7

7.7

Apple iTunes for Windows<12.9

12.9

Apple Safari<12

Apple iOS<12

Apple Safari<12

Apple iPhone OS<12.0

Apple tvOS<12

Apple WatchOS<5.0

All of the following

Any of the following

Apple iCloud<7.7

Apple iTunes<12.9

Microsoft Windows

Apple iCloud<7.7

Apple iTunes<12.9

Microsoft Windows

debian/webkit2gtk

2.44.2-1~deb11u12.50.4-1~deb11u12.50.4-1~deb12u12.50.4-1~deb13u12.50.5-1

Event History

Apr 3, 2019

CVE Published

via MITRE·05:43 PM

Data Sourced

via MITRE·05:43 PM

DescriptionWeakness

Data Sourced

via NVD·06:29 PM

DescriptionSeverityAffected Software

Jan 11, 2024

Data Sourced

via Launchpad·11:05 PM

Description

Feb 20, 2026

Data Sourced

via Ubuntu·08:01 PM

RemedyDescriptionSeverityAffected Software

Data Sourced

via Debian·08:01 PM

DescriptionAffected Software

Parent advisories

This vulnerability appears in the following advisories.

Peer vulnerabilities

Found alongside the following vulnerabilities.

Frequently Asked Questions

What is CVE-2018-4361?

CVE-2018-4361 is a memory consumption issue in WebKit.

What versions are affected by CVE-2018-4361?

Versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7 are affected.

How severe is CVE-2018-4361?

CVE-2018-4361 has a severity rating of 8.8 (high).

How can I fix CVE-2018-4361?

Update to iOS 12 or later, tvOS 12 or later, watchOS 5 or later, Safari 12 or later, iTunes 12.9 for Windows or later, iCloud for Windows 7.7 or later.

Where can I find more information about CVE-2018-4361?

You can find more information about CVE-2018-4361 at the following links: [support.apple.com/HT209106](https://support.apple.com/HT209106), [support.apple.com/HT209107](https://support.apple.com/HT209107), [support.apple.com/HT209108](https://support.apple.com/HT209108).

CVE-2018-4361: High severity Apple tvOS vulnerability

Other sources

Credit

Affected Software

Event History

Parent advisories

Peer vulnerabilities

Don't miss critical vulnerabilities

Frequently Asked Questions

What is CVE-2018-4361?

What versions are affected by CVE-2018-4361?

How severe is CVE-2018-4361?

How can I fix CVE-2018-4361?

Where can I find more information about CVE-2018-4361?

Company

Resources

Contact