Launchpad.net

CVE 2018-4117

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. watchOS before 4.3 is affected. The issue involves the fetch API in the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.

Related bugs and status

CVE-2018-4117 (Candidate) is related to these bugs:

Bug #1761289: WSA-2018-0003 security update

		In	Importance	Status
1761289	WSA-2018-0003 security update	webkit2gtk (Ubuntu)	Undecided	Fix Released
1761289	WSA-2018-0003 security update	webkit2gtk (Ubuntu Xenial)	Medium	Fix Released
1761289	WSA-2018-0003 security update	webkit2gtk (Ubuntu Bionic)	Undecided	Fix Released
1761289	WSA-2018-0003 security update	webkit2gtk (Ubuntu Artful)	Medium	Fix Released

Bug #1772448: launcher script runs Python 2 despite checking for /usr/bin/python3

Summary				In	Importance	Status
	1772448	launcher script runs Python 2 despite checking for /usr/bin/python3		chromium-browser (Ubuntu)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2018-4117

Related bugs and status

Related bugs

References