CVE-2018-4445: Infoleak

Q: What is the vulnerability ID for this issue with Safari?

The vulnerability ID for this issue with Safari is CVE-2018-4445.

Q: What is the severity of CVE-2018-4445?

The severity of CVE-2018-4445 is medium (4.3).

Q: What is the affected software for CVE-2018-4445?

The affected software for CVE-2018-4445 includes versions prior to iOS 12.1.1 and Safari 12.0.2.

Q: How does CVE-2018-4445 impact Safari users?

CVE-2018-4445 allows the history to not be cleared properly when using the "Clear History and Website Data" feature in Safari.

Q: How can I fix CVE-2018-4445?

To fix CVE-2018-4445, update to iOS 12.1.1 or later, and Safari 12.0.2 or later.

Published Dec 5, 2018

Updated

"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2.

Other sources

Safari. "Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion.

Credit

William Breuer

Affected Software

4 affected componentsFixes available

Safari<12.0.2

12.0.2

Apple iOS and iPadOS<12.1.1

12.1.1

Safari<12.0.2

iPhone OS<12.1.1

Event History

Apr 3, 2019

CVE Published

via MITRE·05:43 PM

Data Sourced

via MITRE·05:43 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

Peer vulnerabilities

Found alongside the following vulnerabilities.

Frequently Asked Questions

What is the vulnerability ID for this issue with Safari?

The vulnerability ID for this issue with Safari is CVE-2018-4445.

What is the severity of CVE-2018-4445?