Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2018-4133

An issue was discovered in certain Apple products. Safari before 11.1 is affected. The issue involves the "WebKit" component. A Safari cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

Related bugs and status

CVE-2018-4133 (Candidate) is related to these bugs:

Bug #1761289: WSA-2018-0003 security update

		In	Importance	Status
1761289	WSA-2018-0003 security update	webkit2gtk (Ubuntu)	Undecided	Fix Released
1761289	WSA-2018-0003 security update	webkit2gtk (Ubuntu Xenial)	Medium	Fix Released
1761289	WSA-2018-0003 security update	webkit2gtk (Ubuntu Bionic)	Undecided	Fix Released
1761289	WSA-2018-0003 security update	webkit2gtk (Ubuntu Artful)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://support.apple....
BID: 103580
SECTRACK: 1040606
UBUNTU: USN-3635-1
GENTOO: GLSA-201808-04