CVE-2018-4277

In iOS before 11.4.1, watchOS before 4.3.2, tvOS before 11.4.1, Safari before 11.1.1, macOS High Sierra before 10.13.6, a spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
appleCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 67%
VendorProductVersion
applesafari
𝑥
< 11.1.1
appleiphone_os
𝑥
< 11.4.1
applemac_os_x
𝑥
< 10.13.6
appletvos
𝑥
< 11.4.1
applewatchos
𝑥
< 4.3.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securitytracker.com/id/1041232
https://support.apple.com/HT208854
https://support.apple.com/HT208935
https://support.apple.com/HT208936
https://support.apple.com/HT208937
https://support.apple.com/HT208938
http://www.securitytracker.com/id/1041232
https://support.apple.com/HT208854
https://support.apple.com/HT208935
https://support.apple.com/HT208936
https://support.apple.com/HT208937
https://support.apple.com/HT208938