CVE-2018-4374: XSS
Safari Reader. A logic issue was addressed with improved validation.
Other sources
A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
Credit
Affected Software
Event History
Parent advisories
This vulnerability appears in the following advisories.
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2018-4384
- CVE-2018-4398
- CVE-2018-4394
- CVE-2018-4371
- CVE-2018-4420
- CVE-2018-4413
- CVE-2018-4419
- CVE-2018-4381
- CVE-2018-4369
- CVE-2018-4374
- CVE-2018-4377
- CVE-2018-4400
- CVE-2018-4372
- CVE-2018-4373
- CVE-2018-4375
- CVE-2018-4376
- CVE-2018-4382
- CVE-2018-4386
- CVE-2018-4392
- CVE-2018-4416
- CVE-2018-4378
- CVE-2018-4368
- CVE-2018-4409
- CVE-2018-4339
- CVE-2018-4365
- CVE-2018-4366
- CVE-2018-4367
- CVE-2018-4427
- CVE-2018-4390
- CVE-2018-4391
- CVE-2018-4388
- CVE-2018-4387
- CVE-2018-4385
Frequently Asked Questions
What is CVE-2018-4374?
CVE-2018-4374 is a logic issue in Safari Reader that was addressed with improved validation.
Which software versions are affected by CVE-2018-4374?
Versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, and iCloud for Windows 7.8 are affected by CVE-2018-4374.
What is the severity of CVE-2018-4374?
CVE-2018-4374 has a severity rating of 6.1 out of 10, classified as medium.
How can I fix CVE-2018-4374?
To fix CVE-2018-4374, update to iOS 12.1 or later, watchOS 5.1 or later, Safari 12.0.1 or later, iTunes 12.9.1 or later, and iCloud for Windows 7.8 or later.
Where can I find more information about CVE-2018-4374?
You can find more information about CVE-2018-4374 in the official Apple support articles: [Article 1](https://support.apple.com/kb/HT209192), [Article 2](https://support.apple.com/kb/HT209195), [Article 3](https://support.apple.com/kb/HT209196).