vulnerability

OS X update for libxml2 (CVE-2018-4302)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:P/I:P/A:P)	Oct 19, 2018	Oct 19, 2018	Aug 13, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

Oct 19, 2018

Added

Oct 19, 2018

Modified

Aug 13, 2025

Description

A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution.

Solution

apple-osx-upgrade-10_13

References

CVE-2018-4302
https://attackerkb.com/topics/CVE-2018-4302
CWE-476
URL-https://support.apple.com/kb/HT208144

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today