CVE-2018-4437
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-4437
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-4437.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2018-4437
- Downstream
- Related
- Published
- 2019-04-03T18:29:15Z
- Modified
- 2025-09-19T10:07:00.835080Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
- References
Affected packages
Git / github.com/webkit/webkit
Affected ranges
- Type
- GIT
- Repo
- https://github.com/webkit/webkit
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
Safari-606.*
Safari-606.1.26
Safari-606.1.27
Safari-606.1.28
Safari-606.1.28.1
Safari-606.1.29
Safari-606.1.30
Safari-606.1.31
Safari-606.1.32
Safari-606.1.32.1
Safari-606.1.33
Safari-606.1.34
Safari-606.1.35
Safari-606.1.36
Safari-606.2.1
Safari-606.2.100
Safari-606.2.101
Safari-606.2.102
Safari-606.2.103
Safari-606.2.104
Safari-606.3.1
Safari-606.3.2
Safari-606.3.3
Database specific
{
"vanir_signatures": [
{
"id": "CVE-2018-4437-0d2b641e",
"digest": {
"threshold": 0.9,
"line_hashes": [
"53836477189881582397315793862670904740",
"320892482022350911577514392805570581256",
"254226433322567503412799490157202592627",
"330065992734574058069437848804226355225",
"193583858729384193107372520401538705476",
"37084601600199227354494692163004244034",
"196239925189122413059544919446568192164",
"58352311303078768038088168350206410473"
]
},
"signature_version": "v1",
"target": {
"file": "Source/WebCore/platform/cocoa/VideoFullscreenModel.h"
},
"deprecated": false,
"signature_type": "Line",
"source": "https://github.com/webkit/webkit/commit/676f488e26ea1f872a9b69756c17d417b5317f52"
},
{
"id": "CVE-2018-4437-1e91fcf4",
"digest": {
"threshold": 0.9,
"line_hashes": [
"5870798582894962473799558171415936027",
"210047560723184381970648090314277431668",
"321505883024910444521127036553892301509"
]
},
"signature_version": "v1",
"target": {
"file": "Source/WebCore/platform/cocoa/VideoFullscreenModelVideoElement.h"
},
"deprecated": false,
"signature_type": "Line",
"source": "https://github.com/webkit/webkit/commit/676f488e26ea1f872a9b69756c17d417b5317f52"
},
{
"id": "CVE-2018-4437-34cac362",
"digest": {
"threshold": 0.9,
"line_hashes": [
"70152064588882369854536953690237335037",
"253769765662655457217216644044689477907",
"268108951248309397206547245568425514427",
"166778708244381092185974201905858853291"
]
},
"signature_version": "v1",
"target": {
"file": "Source/WebCore/platform/ios/VideoFullscreenInterfaceAVKit.h"
},
"deprecated": false,
"signature_type": "Line",
"source": "https://github.com/webkit/webkit/commit/676f488e26ea1f872a9b69756c17d417b5317f52"
},
{
"id": "CVE-2018-4437-44509c83",
"digest": {
"threshold": 0.9,
"line_hashes": [
"127641225436156348480362648346430846348",
"216482308379689755144802811391157036997",
"136543890080769160002167524542358099474",
"270094089650102475455600108216935541663",
"191723203284165014625515876816520957709",
"57006899842197773594362695298941581902"
]
},
"signature_version": "v1",
"target": {
"file": "Source/WebKit/WebProcess/cocoa/VideoFullscreenManager.h"
},
"deprecated": false,
"signature_type": "Line",
"source": "https://github.com/webkit/webkit/commit/676f488e26ea1f872a9b69756c17d417b5317f52"
},
{
"id": "CVE-2018-4437-7c437c95",
"digest": {
"threshold": 0.9,
"line_hashes": [
"138980348353154221497940777990858990902",
"215385595635109803843098025239612995386",
"313788636964897840167354659414417504492",
"270814623268181502178390329661760763287",
"260088552200124892321201936538845224162",
"318648898812350710145347401828312015478",
"102999418142820897775959554325837135361",
"17493837090216616587036822985495925484"
]
},
"signature_version": "v1",
"target": {
"file": "Source/WebCore/PAL/pal/spi/cocoa/AVKitSPI.h"
},
"deprecated": false,
"signature_type": "Line",
"source": "https://github.com/webkit/webkit/commit/676f488e26ea1f872a9b69756c17d417b5317f52"
},
{
"id": "CVE-2018-4437-8ee93724",
"digest": {
"threshold": 0.9,
"line_hashes": [
"46181676632416092165701609662475984295",
"234924540605775420412918967381613031328",
"96987184778456690143891346639556030389",
"285903465440655483473023364559915499425",
"102126180594654224225113335403724292000",
"212073092086576127448880070420862602210",
"238147365934401294596861665970376507903",
"174912892342471451606782509345571036188",
"289334649357804445585393549620877551710",
"114528743351449095766596065317295111262",
"81069576794915420473748184656569385651",
"27541056071451938475979139379347672048",
"194760983992107901698701336603315390376",
"262226625992347448214438924988137190067",
"15020179103485275622751799796668493985",
"270130073243338516534242778344827382488",
"179039998586171632590450816772206365663",
"284075877406139102997248515188450946778",
"196793503332638748375880734192887303634",
"286555467196789992114330751546338133150",
"273312293799939199205320888898712349725",
"204034651354344610432081212944094484164",
"99259163585269868613123529085966479245",
"266249062995263626936773804917581184557",
"135007175396598713456607462495198573924"
]
},
"signature_version": "v1",
"target": {
"file": "Source/WebKit/UIProcess/Cocoa/VideoFullscreenManagerProxy.h"
},
"deprecated": false,
"signature_type": "Line",
"source": "https://github.com/webkit/webkit/commit/676f488e26ea1f872a9b69756c17d417b5317f52"
}
]
}