VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-5ztq-sthz-pqc5

Essentials
Severities (85)
References (29)
Severity details (15)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-5ztq-sthz-pqc5
Aliases	CVE-2024-54467
Summary	webkitgtk: A malicious website may exfiltrate data cross-origin
Status	Published
Exploitability	0.5
Weighted Severity	5.9
Risk	3.0
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

System	Score	Found at
cvssv3	6.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54467.json
epss	0.00029	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00036	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00036	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00036	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00036	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00036	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00036	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00036	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00036	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00036	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00036	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00039	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00039	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00039	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00039	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00039	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00039	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00039	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00039	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00039	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00039	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00039	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00039	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00039	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00039	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00039	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00039	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.0004	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.0004	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.0004	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.0004	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.0004	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.0004	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00046	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00046	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00046	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00047	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00047	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00047	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00047	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00047	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00047	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00047	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00047	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00047	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00047	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00047	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2024-54467
cvssv3.1	6.5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	6.5	https://nvd.nist.gov/vuln/detail/CVE-2024-54467
ssvc	Track	https://support.apple.com/en-us/121238
ssvc	Track	https://support.apple.com/en-us/121238
cvssv3.1	6.5	https://support.apple.com/en-us/121240
ssvc	Track	https://support.apple.com/en-us/121240
cvssv3.1	6.5	https://support.apple.com/en-us/121241
ssvc	Track	https://support.apple.com/en-us/121241
ssvc	Track	https://support.apple.com/en-us/121248
ssvc	Track	https://support.apple.com/en-us/121248
cvssv3.1	6.5	https://support.apple.com/en-us/121249
ssvc	Track	https://support.apple.com/en-us/121249
cvssv3.1	6.5	https://support.apple.com/en-us/121250
ssvc	Track	https://support.apple.com/en-us/121250

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54467.json
		https://api.first.org/data/v1/epss?cve=CVE-2024-54467
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54467
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://support.apple.com/en-us/121238
		https://support.apple.com/en-us/121240
		https://support.apple.com/en-us/121241
		https://support.apple.com/en-us/121248
		https://support.apple.com/en-us/121249
		https://support.apple.com/en-us/121250
2353872		https://bugzilla.redhat.com/show_bug.cgi?id=2353872
cpe:2.3:a:apple:safari::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari::::::::
cpe:2.3:o:apple:ipados::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados::::::::
cpe:2.3:o:apple:iphone_os::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::
cpe:2.3:o:apple:macos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos::::::::
cpe:2.3:o:apple:tvos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::
cpe:2.3:o:apple:watchos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::
CVE-2024-54467		https://nvd.nist.gov/vuln/detail/CVE-2024-54467
RHSA-2025:3713		https://access.redhat.com/errata/RHSA-2025:3713
RHSA-2025:3755		https://access.redhat.com/errata/RHSA-2025:3755
RHSA-2025:3756		https://access.redhat.com/errata/RHSA-2025:3756
RHSA-2025:3974		https://access.redhat.com/errata/RHSA-2025:3974
RHSA-2025:4445		https://access.redhat.com/errata/RHSA-2025:4445
RHSA-2025:7387		https://access.redhat.com/errata/RHSA-2025:7387
RHSA-2025:8064		https://access.redhat.com/errata/RHSA-2025:8064
RHSA-2025:8065		https://access.redhat.com/errata/RHSA-2025:8065
RHSA-2025:8066		https://access.redhat.com/errata/RHSA-2025:8066
RHSA-2025:8194		https://access.redhat.com/errata/RHSA-2025:8194
USN-7395-1		https://usn.ubuntu.com/7395-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54467.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2024-54467

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-11T02:34:06Z/ Found at https://support.apple.com/en-us/121238

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/121240

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-11T02:34:06Z/ Found at https://support.apple.com/en-us/121240

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/121241

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-11T02:34:06Z/ Found at https://support.apple.com/en-us/121241

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-11T02:34:06Z/ Found at https://support.apple.com/en-us/121248

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/121249

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-11T02:34:06Z/ Found at https://support.apple.com/en-us/121249

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/121250

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-11T02:34:06Z/ Found at https://support.apple.com/en-us/121250

Exploit Prediction Scoring System (EPSS)

Percentile	0.04015
EPSS Score	0.00029
Published At	March 29, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-03-28T05:41:55.091457+00:00	RedHat Importer	Import	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-54467.json	36.0.0