HIGH🇬🇧 English

CVE-2018-4220

CVSS 8.8v3.0pub. 2018-06-08upd. 2024-11-21

An issue was discovered in certain Apple products. Swift before 4.1.1 Security Update 2018-001 is affected. The issue involves the "Swift for Ubuntu" component. It allows attackers to execute arbitrary code in a privileged context because write and execute permissions are enabled during library loading.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Apple Swift

    APP
    Apple
    < 4.1.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2022-1642HIGH7.5ten sam produkt

A program using swift-corelibs-foundation is vulnerable to a denial of service attack caused by a potentially ...

CVE-2020-9861HIGH7.5ten sam produkt

A stack overflow issue existed in Swift for Linux. The issue was addressed with improved input validation for ...

CVE-2019-8790MEDIUM5.5ten sam produkt

This issue was addresses by updating incorrect URLSession file descriptors management logic to match Swift 5.0...

CVE-2025-10585CRITICAL9.8⚠ KEVPL ✓ten sam vendor

Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty

CVE-2025-43300CRITICAL10.0⚠ KEVPL ✓ten sam vendor

Apple iOS/iPadOS/macOS — out-of-bounds write przy przetwarzaniu obrazu