CVE-2018-4220
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-4220
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-4220.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-4220
- Published
- 2018-06-08T18:29:01.400Z
- Modified
- 2025-11-19T17:35:05.106654Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An issue was discovered in certain Apple products. Swift before 4.1.1 Security Update 2018-001 is affected. The issue involves the "Swift for Ubuntu" component. It allows attackers to execute arbitrary code in a privileged context because write and execute permissions are enabled during library loading.
- References
Affected packages
Git / github.com/apple/swift
Affected ranges
- Type
- GIT
- Repo
- https://github.com/apple/swift
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Database specific
vanir_signatures
[
{
"digest": {
"length": 214.0,
"function_hash": "265955098139312753026840419377700005648"
},
"id": "CVE-2018-4220-3923cbd9",
"source": "https://github.com/apple/swift/commit/b61523a0207d6277c0e64a354f0d9187cf85e453",
"signature_type": "Function",
"target": {
"file": "lib/Basic/Version.cpp",
"function": "getSwiftFullVersion"
},
"signature_version": "v1",
"deprecated": false
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"1796450109439206812300957329771678800",
"276841013234405574054417792570126729615",
"124674513808532008237135124683863742925",
"150097780742484238016989027862275115710"
]
},
"id": "CVE-2018-4220-58b1c816",
"source": "https://github.com/apple/swift/commit/b61523a0207d6277c0e64a354f0d9187cf85e453",
"signature_type": "Line",
"target": {
"file": "lib/Basic/Version.cpp"
},
"signature_version": "v1",
"deprecated": false
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-4220.json"