iPadOS
iPadOS 18.7.3
Official advisory23 CVEs fixed by this release.
- Release date
- 2025-12-12
- End of support
- —
- CVEs fixed
- 23
- CISA KEV
- 2
- Critical
- 0
- High
- 0
- NVD pending
- 20
CVEs fixed
| CVE | Severity | KEV | Published | Description |
|---|---|---|---|---|
|
CVE-2025-14174
KEV
[Apple WebKit] Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a rep… |
N/A | KEV | [Apple WebKit] Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploi… | |
|
CVE-2025-43529
KEV
[Apple WebKit] Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a rep… |
N/A | KEV | [Apple WebKit] Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploi… | |
|
CVE-2024-7264
[Apple curl] Multiple issues in curl |
MEDIUM 6.5 | — | [Apple curl] Multiple issues in curl | |
|
CVE-2025-9086
[Apple curl] Multiple issues in curl |
MEDIUM 4.3 | — | [Apple curl] Multiple issues in curl | |
|
CVE-2025-5918
[Apple libarchive] Processing a file may lead to memory corruption |
LOW 3.9 | — | [Apple libarchive] Processing a file may lead to memory corruption | |
|
CVE-2025-46290
[Apple Security] A remote attacker may be able to cause a denial-of-service |
N/A | — | [Apple Security] A remote attacker may be able to cause a denial-of-service | |
|
CVE-2025-43501
[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash | |
|
CVE-2025-43512
[Apple Kernel] An app may be able to elevate privileges |
N/A | — | [Apple Kernel] An app may be able to elevate privileges | |
|
CVE-2025-43530
[Apple VoiceOver] An app may be able to access sensitive user data |
N/A | — | [Apple VoiceOver] An app may be able to access sensitive user data | |
|
CVE-2025-43531
[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash | |
|
CVE-2025-43532
[Apple Foundation] Processing malicious data may lead to unexpected app termination |
N/A | — | [Apple Foundation] Processing malicious data may lead to unexpected app termination | |
|
CVE-2025-43535
[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash | |
|
CVE-2025-43536
[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash | |
|
CVE-2025-43538
[Apple Screen Time] An app may be able to access sensitive user data |
N/A | — | [Apple Screen Time] An app may be able to access sensitive user data | |
|
CVE-2025-43539
[Apple AppleJPEG] Processing a file may lead to memory corruption |
N/A | — | [Apple AppleJPEG] Processing a file may lead to memory corruption | |
|
CVE-2025-43541
[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected Safari crash |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to an unexpected Safari crash | |
|
CVE-2025-43542
[Apple FaceTime] Password fields may be unintentionally revealed when remotely controlling a device over FaceTime |
N/A | — | [Apple FaceTime] Password fields may be unintentionally revealed when remotely controlling a device over FaceTime | |
|
CVE-2025-46276
[Apple Messages] An app may be able to access sensitive user data |
N/A | — | [Apple Messages] An app may be able to access sensitive user data | |
|
CVE-2025-46279
[Apple Icons] An app may be able to identify what other apps a user has installed |
N/A | — | [Apple Icons] An app may be able to identify what other apps a user has installed | |
|
CVE-2025-46285
[Apple Kernel] An app may be able to gain root privileges |
N/A | — | [Apple Kernel] An app may be able to gain root privileges | |
|
CVE-2025-46287
[Apple Call History] An attacker may be able to spoof their FaceTime caller ID |
N/A | — | [Apple Call History] An attacker may be able to spoof their FaceTime caller ID | |
|
CVE-2025-46292
[Apple Telephony] An app may be able to access user-sensitive data |
N/A | — | [Apple Telephony] An app may be able to access user-sensitive data | |
|
CVE-2025-46311
[Apple Mail] An app may be able to access sensitive user data |
N/A | — | [Apple Mail] An app may be able to access sensitive user data |