iPadOS
iPadOS 16.7.9
Official advisory27 CVEs fixed by this release.
- Release date
- 2024-07-29
- End of support
- 2025-03-31 EOL
- CVEs fixed
- 27
- CISA KEV
- 0
- Critical
- 0
- High
- 1
- NVD pending
- 25
CVEs fixed
| CVE | Severity | KEV | Published | Description |
|---|---|---|---|---|
|
CVE-2023-52356
[Apple ImageIO] Processing an image may lead to a denial-of-service |
HIGH 7.5 | — | [Apple ImageIO] Processing an image may lead to a denial-of-service | |
|
CVE-2023-6277
Microsoft Security Update Guide entry — NVD enrichira. |
MEDIUM 6.5 | — | Microsoft Security Update Guide entry — NVD enrichira. | |
|
CVE-2024-27873
[Apple CoreMedia] Processing a maliciously crafted video file may lead to unexpected app termination |
N/A | — | [Apple CoreMedia] Processing a maliciously crafted video file may lead to unexpected app termination | |
|
CVE-2024-40776
[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash | |
|
CVE-2024-40778
[Apple Photos Storage] Photos in the Hidden Photos Album may be viewed without authentication |
N/A | — | [Apple Photos Storage] Photos in the Hidden Photos Album may be viewed without authentication | |
|
CVE-2024-40779
[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash | |
|
CVE-2024-40780
[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash | |
|
CVE-2024-40782
[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash | |
|
CVE-2024-40784
[Apple ImageIO] Processing a maliciously crafted file may lead to unexpected app termination |
N/A | — | [Apple ImageIO] Processing a maliciously crafted file may lead to unexpected app termination | |
|
CVE-2024-40785
[Apple WebKit] Processing maliciously crafted web content may lead to a cross site scripting attack |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to a cross site scripting attack | |
|
CVE-2024-40786
[Apple Siri] An attacker may be able to view sensitive user information |
N/A | — | [Apple Siri] An attacker may be able to view sensitive user information | |
|
CVE-2024-40788
[Apple Kernel] A local attacker may be able to cause unexpected system shutdown |
N/A | — | [Apple Kernel] A local attacker may be able to cause unexpected system shutdown | |
|
CVE-2024-40789
[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash | |
|
CVE-2024-40793
[Apple Shortcuts] An app may be able to access user-sensitive data |
N/A | — | [Apple Shortcuts] An app may be able to access user-sensitive data | |
|
CVE-2024-40796
[Apple NetworkExtension] Private browsing may leak some browsing history |
N/A | — | [Apple NetworkExtension] Private browsing may leak some browsing history | |
|
CVE-2024-40798
[Apple Security] An app may be able to read Safari's browsing history |
N/A | — | [Apple Security] An app may be able to read Safari's browsing history | |
|
CVE-2024-40799
[Apple CoreGraphics] Processing a maliciously crafted file may lead to unexpected app termination |
N/A | — | [Apple CoreGraphics] Processing a maliciously crafted file may lead to unexpected app termination | |
|
CVE-2024-40806
[Apple ImageIO] Processing a maliciously crafted file may lead to unexpected app termination |
N/A | — | [Apple ImageIO] Processing a maliciously crafted file may lead to unexpected app termination | |
|
CVE-2024-40809
[Apple Shortcuts] A shortcut may be able to bypass Internet permission requirements |
N/A | — | [Apple Shortcuts] A shortcut may be able to bypass Internet permission requirements | |
|
CVE-2024-40812
[Apple Shortcuts] A shortcut may be able to bypass Internet permission requirements |
N/A | — | [Apple Shortcuts] A shortcut may be able to bypass Internet permission requirements | |
|
CVE-2024-40818
[Apple Siri] An attacker with physical access may be able to use Siri to access sensitive user data |
N/A | — | [Apple Siri] An attacker with physical access may be able to use Siri to access sensitive user data | |
|
CVE-2024-40822
[Apple Siri] An attacker with physical access to a device may be able to access contacts from the lock screen |
N/A | — | [Apple Siri] An attacker with physical access to a device may be able to access contacts from the lock screen | |
|
CVE-2024-40829
[Apple VoiceOver] A user may be able to view restricted content from the lock screen |
N/A | — | [Apple VoiceOver] A user may be able to view restricted content from the lock screen | |
|
CVE-2024-40833
[Apple Shortcuts] A shortcut may be able to use sensitive data with certain actions without prompting the user |
N/A | — | [Apple Shortcuts] A shortcut may be able to use sensitive data with certain actions without prompting the user | |
|
CVE-2024-40835
[Apple Shortcuts] A shortcut may be able to use sensitive data with certain actions without prompting the user |
N/A | — | [Apple Shortcuts] A shortcut may be able to use sensitive data with certain actions without prompting the user | |
|
CVE-2024-40836
[Apple Shortcuts] A shortcut may be able to use sensitive data with certain actions without prompting the user |
N/A | — | [Apple Shortcuts] A shortcut may be able to use sensitive data with certain actions without prompting the user | |
|
CVE-2024-44205
[Apple Siri] A sandboxed app may be able to access sensitive user data in system logs |
N/A | — | [Apple Siri] A sandboxed app may be able to access sensitive user data in system logs |