Apple

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 10.13.4 Description: The issue involves the CoreTypes component and allows remote attackers to trigger disk-image mounting via a crafted web site. Recommendations: For macOS versions prior to 10.13.4, update to version 10.13.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple OS X versions prior to 10.11 **Description** The issue is related to errors in displaying the current state of the security keychain, which may allow a remote attacker to impact the security of information. The general impact and attack vectors of this issue are not fully specified. **Recommendations** For Apple OS X versions prior to 10.11, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** iOS (affected versions not specified) **Description** The issue is caused by a buffer overflow in the FontParser component of the iOS operating system. Exploitation of this issue may allow a remote attacker to execute arbitrary code or cause a denial of service using a crafted font file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.