CWE-200

The issue was addressed by removing origin information. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

A logic issue was addressed with improved restrictions. This issue affected versions prior to iOS 12.

An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue involves the “Siri Contacts” component. It allows physically proximate attackers to discover private contact information via Siri.

An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue involves the “Siri” component. It allows physically proximate attackers to bypass the lock-screen protection mechanism and obtain private notification content via Siri.

An information disclosure issue was addressed by removing the vulnerable code. This issue affected versions prior to macOS High Sierra 10.13.6.

In macOS High Sierra before 10.13.5, a privacy issue in the handling of Open Directory records was addressed with improved indexing.