| Month | Quarter | Year |
|---|---|---|
| #N/A | #N/A | #N/A |
| CVE-ID | CWE-ID | Type | Score |
|---|---|---|---|
| CVE-2018-4227 | CWE-310 | Cryptographic Issues | 7.5 |
|
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. The issue involves the "Mail" component. It allows remote attackers to read the cleartext content of S/MIME encrypted messages via direct exfiltration.
|
|||
| CVE-2018-4221 | CWE-200 | Information Leak / Disclosure | 7.5 |
|
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. The issue involves the "Security" component. It allows web sites to track users by leveraging the transmission of S/MIME client certificates.
|
|||
| CVE-2018-4111 | CWE-347 | Improper Verification of Cryptographic Signature | 5.9 |
|
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Mail" component. It allows man-in-the-middle attackers to read S/MIME encrypted message content by sending HTML e-mail that references remote resources but lacks a valid S/MIME signature.
|
|||