Apple Ios 17.4 And Ipados vulnerabilities

CVE-2024-23235 [MEDIUM] CVE-2024-23235: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23235 Component: CVE-2024-23235

CVE-2024-23284 [MEDIUM] CVE-2024-23284: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23284 Component: WebKit Impact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced Description: A logic issue was addressed with improved state management.

CVE-2024-23297 [MEDIUM] CVE-2024-23297: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23297 Component: MediaRemote Impact: A malicious application may be able to access private information Description: The issue was addressed with improved checks.

CVE-2024-54658 [MEDIUM] CVE-2024-54658: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-54658 Component: WebKit Impact: Processing web content may lead to a denial-of-service Description: The issue was addressed with improved memory handling.

CVE-2024-23241 [MEDIUM] CVE-2024-23241: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23241 Component: CVE-2024-23241

CVE-2024-23280 [MEDIUM] CVE-2024-23280: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23280 Component: WebKit Impact: A maliciously crafted webpage may be able to fingerprint the user Description: An injection issue was addressed with improved validation.

CVE-2024-23231 [MEDIUM] CVE-2024-23231: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23231 Component: Share Sheet Impact: An app may be able to access user-sensitive data Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2024-23287 [MEDIUM] CVE-2024-23287: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23287 Component: Messages Impact: An app may be able to access user-sensitive data Description: A privacy issue was addressed with improved handling of temporary files.

CVE-2024-23220 [MEDIUM] CVE-2024-23220: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23220 Component: CVE-2024-23220

CVE-2024-23250 [MEDIUM] CVE-2024-23250: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23250 Component: CoreBluetooth - LE Impact: An app may be able to access Bluetooth-connected microphones without user permission Description: An access issue was addressed with improved access restrictions.

CVE-2024-23290 [MEDIUM] CVE-2024-23290: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23290 Component: Sandbox Impact: An app may be able to access user-sensitive data Description: A logic issue was addressed with improved restrictions.

CVE-2024-23259 [MEDIUM] CVE-2024-23259: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23259 Component: Safari Impact: Processing web content may lead to a denial-of-service Description: The issue was addressed with improved checks.

CVE-2024-23243 [LOW] CVE-2024-23243: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23243 Component: Accessibility Impact: An app may be able to read sensitive location information Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2024-23255 [LOW] CVE-2024-23255: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23255 Component: Photos Impact: Photos in the Hidden Photos Album may be viewed without authentication Description: An authentication issue was addressed with improved state management.

CVE-2024-23256 [LOW] CVE-2024-23256: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23256 Component: Safari Private Browsing Impact: A user's locked tabs may be briefly visible while switching tab groups when Locked Private Browsing is enabled Description: A logic issue was addressed with improved state management.

CVE-2024-23291 [LOW] CVE-2024-23291: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23291 Component: CVE-2024-23291

CVE-2024-23262 [LOW] CVE-2024-23262: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23262 Component: Accessibility Impact: An app may be able to spoof system notifications and UI Description: This issue was addressed with additional entitlement checks.

CVE-2024-23240 [LOW] CVE-2024-23240: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23240 Component: Photos Impact: Shake-to-undo may allow a deleted photo to be re-surfaced without authentication Description: The issue was addressed with improved checks.

CVE-2024-23289 [LOW] CVE-2024-23289: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23289 Component: Siri Impact: A person with physical access to a device may be able to use Siri to access private calendar information Description: A lock screen issue was addressed with improved state management.

CVE-2024-23292 [LOW] CVE-2024-23292: iOS 17.4 and iPadOS 17.4 Apple Security Update: About the security content of iOS 17.4 and iPadOS 17.4 Product: iOS 17.4 and iPadOS Version: 17.4 CVE: CVE-2024-23292 Component: Shortcuts Impact: An app may be able to access information about a user's contacts Description: This issue was addressed with improved data protection.