VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-m7v6-g4x2-6ue4

Essentials
Severities (10)
References (28)
Severity details (4)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-m7v6-g4x2-6ue4
Aliases	CVE-2024-55549
Summary	xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes.
Status	Published
Exploitability	0.5
Weighted Severity	7.0
Risk	3.5
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-416

Use After Free

System	Score	Found at
cvssv3	7.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-55549.json
epss	5e-05	https://api.first.org/data/v1/epss?cve=CVE-2024-55549
epss	5e-05	https://api.first.org/data/v1/epss?cve=CVE-2024-55549
epss	5e-05	https://api.first.org/data/v1/epss?cve=CVE-2024-55549
epss	5e-05	https://api.first.org/data/v1/epss?cve=CVE-2024-55549
epss	5e-05	https://api.first.org/data/v1/epss?cve=CVE-2024-55549
epss	5e-05	https://api.first.org/data/v1/epss?cve=CVE-2024-55549
cvssv3.1	7.8	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	7.8	https://gitlab.gnome.org/GNOME/libxslt/-/issues/127
ssvc	Track	https://gitlab.gnome.org/GNOME/libxslt/-/issues/127

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-55549.json
		https://api.first.org/data/v1/epss?cve=CVE-2024-55549
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55549
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://gitlab.gnome.org/GNOME/libxslt/-/issues/127
1100565		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100565
2352484		https://bugzilla.redhat.com/show_bug.cgi?id=2352484
RHSA-2025:3612		https://access.redhat.com/errata/RHSA-2025:3612
RHSA-2025:3613		https://access.redhat.com/errata/RHSA-2025:3613
RHSA-2025:3614		https://access.redhat.com/errata/RHSA-2025:3614
RHSA-2025:3615		https://access.redhat.com/errata/RHSA-2025:3615
RHSA-2025:3619		https://access.redhat.com/errata/RHSA-2025:3619
RHSA-2025:3624		https://access.redhat.com/errata/RHSA-2025:3624
RHSA-2025:3625		https://access.redhat.com/errata/RHSA-2025:3625
RHSA-2025:3626		https://access.redhat.com/errata/RHSA-2025:3626
RHSA-2025:3627		https://access.redhat.com/errata/RHSA-2025:3627
RHSA-2025:4025		https://access.redhat.com/errata/RHSA-2025:4025
RHSA-2025:4098		https://access.redhat.com/errata/RHSA-2025:4098
RHSA-2025:4422		https://access.redhat.com/errata/RHSA-2025:4422
RHSA-2025:4427		https://access.redhat.com/errata/RHSA-2025:4427
RHSA-2025:4431		https://access.redhat.com/errata/RHSA-2025:4431
RHSA-2025:4677		https://access.redhat.com/errata/RHSA-2025:4677
RHSA-2025:4731		https://access.redhat.com/errata/RHSA-2025:4731
RHSA-2025:7410		https://access.redhat.com/errata/RHSA-2025:7410
RHSA-2025:7496		https://access.redhat.com/errata/RHSA-2025:7496
RHSA-2025:7702		https://access.redhat.com/errata/RHSA-2025:7702
RHSA-2025:8303		https://access.redhat.com/errata/RHSA-2025:8303
USN-7357-1		https://usn.ubuntu.com/7357-1/

No exploits are available.

Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-55549.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H Found at https://gitlab.gnome.org/GNOME/libxslt/-/issues/127

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-14T19:26:54Z/ Found at https://gitlab.gnome.org/GNOME/libxslt/-/issues/127

Exploit Prediction Scoring System (EPSS)

Percentile	0.00182
EPSS Score	5e-05
Published At	Aug. 10, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:43:07.049874+00:00	Alpine Linux Importer	Import	https://secdb.alpinelinux.org/v3.18/main.json	37.0.0