Name | CVE-2018-4209 |
Description | In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
The table below lists information on source packages.
Source Package | Release | Version | Status |
---|---|---|---|
webkit2gtk (PTS) | jessie | 2.6.2+dfsg1-4 | vulnerable |
stretch | 2.18.6-1~deb9u1 | vulnerable | |
buster (security), buster, buster (lts) | 2.38.6-0+deb10u1 | fixed | |
bullseye | 2.44.2-1~deb11u1 | fixed | |
bullseye (security) | 2.46.4-1~deb11u1 | fixed | |
bookworm | 2.46.0-2~deb12u1 | fixed | |
bookworm (security) | 2.46.4-1~deb12u1 | fixed | |
trixie | 2.46.4-1 | fixed | |
sid | 2.46.5-1 | fixed |
The information below is based on the following data on fixed versions.
Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
---|---|---|---|---|---|---|
webkit2gtk | source | (unstable) | 2.22.0-2 | unimportant |
https://webkitgtk.org/security/WSA-2018-0007.html
Not covered by security support