VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-5atm-grhu-9bf1

Essentials
Severities (47)
References (40)
Severity details (29)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-5atm-grhu-9bf1
Aliases	CVE-2024-23254
Summary	The issue was addressed with improved UI handling. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, Safari 17.4. A malicious website may exfiltrate audio data cross-origin.
Status	Published
Exploitability	0.5
Weighted Severity	5.9
Risk	3.0
Affected and Fixed Packages	Package Details

Weaknesses (0)

There are no known CWE.

System	Score	Found at
cvssv3	6.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23254.json
epss	0.00498	https://api.first.org/data/v1/epss?cve=CVE-2024-23254
epss	0.00498	https://api.first.org/data/v1/epss?cve=CVE-2024-23254
epss	0.00498	https://api.first.org/data/v1/epss?cve=CVE-2024-23254
epss	0.00498	https://api.first.org/data/v1/epss?cve=CVE-2024-23254
epss	0.00498	https://api.first.org/data/v1/epss?cve=CVE-2024-23254
epss	0.00498	https://api.first.org/data/v1/epss?cve=CVE-2024-23254
epss	0.00498	https://api.first.org/data/v1/epss?cve=CVE-2024-23254
epss	0.00498	https://api.first.org/data/v1/epss?cve=CVE-2024-23254
epss	0.00498	https://api.first.org/data/v1/epss?cve=CVE-2024-23254
epss	0.00498	https://api.first.org/data/v1/epss?cve=CVE-2024-23254
epss	0.00498	https://api.first.org/data/v1/epss?cve=CVE-2024-23254
epss	0.00498	https://api.first.org/data/v1/epss?cve=CVE-2024-23254
epss	0.00498	https://api.first.org/data/v1/epss?cve=CVE-2024-23254
epss	0.00498	https://api.first.org/data/v1/epss?cve=CVE-2024-23254
epss	0.00498	https://api.first.org/data/v1/epss?cve=CVE-2024-23254
epss	0.00498	https://api.first.org/data/v1/epss?cve=CVE-2024-23254
epss	0.00498	https://api.first.org/data/v1/epss?cve=CVE-2024-23254
epss	0.00498	https://api.first.org/data/v1/epss?cve=CVE-2024-23254
cvssv3.1	6.5	http://seclists.org/fulldisclosure/2024/Mar/20
ssvc	Track	http://seclists.org/fulldisclosure/2024/Mar/20
cvssv3.1	6.5	http://seclists.org/fulldisclosure/2024/Mar/21
ssvc	Track	http://seclists.org/fulldisclosure/2024/Mar/21
cvssv3.1	6.5	http://seclists.org/fulldisclosure/2024/Mar/24
ssvc	Track	http://seclists.org/fulldisclosure/2024/Mar/24
cvssv3.1	6.5	http://seclists.org/fulldisclosure/2024/Mar/25
ssvc	Track	http://seclists.org/fulldisclosure/2024/Mar/25
cvssv3.1	6.5	http://seclists.org/fulldisclosure/2024/Mar/26
ssvc	Track	http://seclists.org/fulldisclosure/2024/Mar/26
cvssv3.1	6.5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	6.5	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/
ssvc	Track	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/
cvssv3.1	6.5	https://nvd.nist.gov/vuln/detail/CVE-2024-23254
cvssv3.1	6.5	https://support.apple.com/en-us/HT214081
ssvc	Track	https://support.apple.com/en-us/HT214081
cvssv3.1	6.5	https://support.apple.com/en-us/HT214084
ssvc	Track	https://support.apple.com/en-us/HT214084
cvssv3.1	6.5	https://support.apple.com/en-us/HT214086
ssvc	Track	https://support.apple.com/en-us/HT214086
cvssv3.1	6.5	https://support.apple.com/en-us/HT214087
ssvc	Track	https://support.apple.com/en-us/HT214087
cvssv3.1	6.5	https://support.apple.com/en-us/HT214088
ssvc	Track	https://support.apple.com/en-us/HT214088
cvssv3.1	6.5	https://support.apple.com/en-us/HT214089
ssvc	Track	https://support.apple.com/en-us/HT214089
cvssv3.1	6.5	http://www.openwall.com/lists/oss-security/2024/03/26/1
ssvc	Track	http://www.openwall.com/lists/oss-security/2024/03/26/1

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23254.json
		https://api.first.org/data/v1/epss?cve=CVE-2024-23254
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42843
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42950
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42956
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23254
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23263
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23280
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23284
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54658
		http://seclists.org/fulldisclosure/2024/Mar/21
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
1		http://www.openwall.com/lists/oss-security/2024/03/26/1
20		http://seclists.org/fulldisclosure/2024/Mar/20
2270289		https://bugzilla.redhat.com/show_bug.cgi?id=2270289
24		http://seclists.org/fulldisclosure/2024/Mar/24
25		http://seclists.org/fulldisclosure/2024/Mar/25
26		http://seclists.org/fulldisclosure/2024/Mar/26
cpe:2.3:a:apple:safari::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari::::::::
cpe:2.3:a:webkitgtk:webkitgtk::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:webkitgtk:webkitgtk::::::::
cpe:2.3:a:wpewebkit:wpe_webkit::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wpewebkit:wpe_webkit::::::::
cpe:2.3:o:apple:ipad_os::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipad_os::::::::
cpe:2.3:o:apple:iphone_os::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::
cpe:2.3:o:apple:macos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos::::::::
cpe:2.3:o:apple:tvos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::
cpe:2.3:o:apple:visionos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:visionos::::::::
cpe:2.3:o:apple:watchos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::
cpe:2.3:o:fedoraproject:fedora:40:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:40:::::::*
CVE-2024-23254		https://nvd.nist.gov/vuln/detail/CVE-2024-23254
HT214081		https://support.apple.com/en-us/HT214081
HT214084		https://support.apple.com/en-us/HT214084
HT214086		https://support.apple.com/en-us/HT214086
HT214087		https://support.apple.com/en-us/HT214087
HT214088		https://support.apple.com/en-us/HT214088
HT214089		https://support.apple.com/en-us/HT214089
IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/
RHSA-2024:10481		https://access.redhat.com/errata/RHSA-2024:10481
RHSA-2024:8180		https://access.redhat.com/errata/RHSA-2024:8180
RHSA-2025:10364		https://access.redhat.com/errata/RHSA-2025:10364
USN-6732-1		https://usn.ubuntu.com/6732-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23254.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://seclists.org/fulldisclosure/2024/Mar/20

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-08T15:22:13Z/ Found at http://seclists.org/fulldisclosure/2024/Mar/20

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://seclists.org/fulldisclosure/2024/Mar/21

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-08T15:22:13Z/ Found at http://seclists.org/fulldisclosure/2024/Mar/21

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://seclists.org/fulldisclosure/2024/Mar/24

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-08T15:22:13Z/ Found at http://seclists.org/fulldisclosure/2024/Mar/24

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://seclists.org/fulldisclosure/2024/Mar/25

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-08T15:22:13Z/ Found at http://seclists.org/fulldisclosure/2024/Mar/25

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://seclists.org/fulldisclosure/2024/Mar/26

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-08T15:22:13Z/ Found at http://seclists.org/fulldisclosure/2024/Mar/26

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-08T15:22:13Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2024-23254

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/HT214081

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-08T15:22:13Z/ Found at https://support.apple.com/en-us/HT214081

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/HT214084

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-08T15:22:13Z/ Found at https://support.apple.com/en-us/HT214084

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/HT214086

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-08T15:22:13Z/ Found at https://support.apple.com/en-us/HT214086

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/HT214087

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-08T15:22:13Z/ Found at https://support.apple.com/en-us/HT214087

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/HT214088

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-08T15:22:13Z/ Found at https://support.apple.com/en-us/HT214088

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/HT214089

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-08T15:22:13Z/ Found at https://support.apple.com/en-us/HT214089

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://www.openwall.com/lists/oss-security/2024/03/26/1

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-08T15:22:13Z/ Found at http://www.openwall.com/lists/oss-security/2024/03/26/1

Exploit Prediction Scoring System (EPSS)

Percentile	0.6483
EPSS Score	0.00498
Published At	July 30, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:40:15.339449+00:00	Ubuntu USN Importer	Import	https://usn.ubuntu.com/6732-1/	37.0.0