iPadOS
iPadOS 17.7.4
Official advisory19 CVEs fixed by this release.
- Release date
- 2025-01-27
- End of support
- 2025-09-15 EOL
- CVEs fixed
- 19
- CISA KEV
- 0
- Critical
- 0
- High
- 2
- NVD pending
- 17
CVEs fixed
| CVE | Severity | KEV | Published | Description |
|---|---|---|---|---|
|
CVE-2024-55549
xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue |
HIGH 7.8 | — | xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue | |
|
CVE-2025-24855
numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can… |
HIGH 7.8 | — | numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is… | |
|
CVE-2025-24163
[Apple CoreAudio] Parsing a file may lead to an unexpected app termination |
N/A | — | [Apple CoreAudio] Parsing a file may lead to an unexpected app termination | |
|
CVE-2024-54478
[Apple ICU] Processing maliciously crafted web content may lead to an unexpected process crash |
N/A | — | [Apple ICU] Processing maliciously crafted web content may lead to an unexpected process crash | |
|
CVE-2024-54497
[Apple QuartzCore] Processing web content may lead to a denial-of-service |
N/A | — | [Apple QuartzCore] Processing web content may lead to a denial-of-service | |
|
CVE-2025-24086
[Apple ImageIO] Processing an image may lead to a denial-of-service |
N/A | — | [Apple ImageIO] Processing an image may lead to a denial-of-service | |
|
CVE-2025-24102
[Apple CoreRoutine] An app may be able to determine a user’s current location |
N/A | — | [Apple CoreRoutine] An app may be able to determine a user’s current location | |
|
CVE-2025-24104
[Apple Managed Configuration] Restoring a maliciously crafted backup file may lead to modification of protected system … |
N/A | — | [Apple Managed Configuration] Restoring a maliciously crafted backup file may lead to modification of protected system files | |
|
CVE-2025-24117
[Apple LaunchServices] An app may be able to fingerprint the user |
N/A | — | [Apple LaunchServices] An app may be able to fingerprint the user | |
|
CVE-2025-24118
[Apple Kernel] An app may be able to cause unexpected system termination or write kernel memory |
N/A | — | [Apple Kernel] An app may be able to cause unexpected system termination or write kernel memory | |
|
CVE-2025-24123
[Apple CoreMedia] Parsing a file may lead to an unexpected app termination |
N/A | — | [Apple CoreMedia] Parsing a file may lead to an unexpected app termination | |
|
CVE-2025-24124
[Apple CoreMedia] Parsing a file may lead to an unexpected app termination |
N/A | — | [Apple CoreMedia] Parsing a file may lead to an unexpected app termination | |
|
CVE-2025-24127
[Apple ARKit] Parsing a file may lead to an unexpected app termination |
N/A | — | [Apple ARKit] Parsing a file may lead to an unexpected app termination | |
|
CVE-2025-24137
[Apple AirPlay] An attacker on the local network may corrupt process memory |
N/A | — | [Apple AirPlay] An attacker on the local network may corrupt process memory | |
|
CVE-2025-24149
[Apple SceneKit] Parsing a file may lead to disclosure of user information |
N/A | — | [Apple SceneKit] Parsing a file may lead to disclosure of user information | |
|
CVE-2025-24159
[Apple Kernel] An app may be able to execute arbitrary code with kernel privileges |
N/A | — | [Apple Kernel] An app may be able to execute arbitrary code with kernel privileges | |
|
CVE-2025-24160
[Apple CoreAudio] Parsing a file may lead to an unexpected app termination |
N/A | — | [Apple CoreAudio] Parsing a file may lead to an unexpected app termination | |
|
CVE-2025-24161
[Apple CoreAudio] Parsing a file may lead to an unexpected app termination |
N/A | — | [Apple CoreAudio] Parsing a file may lead to an unexpected app termination | |
|
CVE-2025-24184
[Apple CoreMedia Playback] An app may be able to cause unexpected system termination |
N/A | — | [Apple CoreMedia Playback] An app may be able to cause unexpected system termination |