VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-ukah-bp2y-bkd6

Essentials
Severities (33)
References (24)
Severity details (15)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-ukah-bp2y-bkd6
Aliases	CVE-2024-44187
Summary	A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin.
Status	Published
Exploitability	0.5
Weighted Severity	5.9
Risk	3.0
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-346

Origin Validation Error

System	Score	Found at
cvssv3	6.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-44187.json
epss	0.00115	https://api.first.org/data/v1/epss?cve=CVE-2024-44187
epss	0.00115	https://api.first.org/data/v1/epss?cve=CVE-2024-44187
epss	0.00115	https://api.first.org/data/v1/epss?cve=CVE-2024-44187
epss	0.00115	https://api.first.org/data/v1/epss?cve=CVE-2024-44187
epss	0.00115	https://api.first.org/data/v1/epss?cve=CVE-2024-44187
epss	0.00115	https://api.first.org/data/v1/epss?cve=CVE-2024-44187
epss	0.00115	https://api.first.org/data/v1/epss?cve=CVE-2024-44187
epss	0.00115	https://api.first.org/data/v1/epss?cve=CVE-2024-44187
epss	0.00115	https://api.first.org/data/v1/epss?cve=CVE-2024-44187
epss	0.00115	https://api.first.org/data/v1/epss?cve=CVE-2024-44187
epss	0.00115	https://api.first.org/data/v1/epss?cve=CVE-2024-44187
epss	0.00115	https://api.first.org/data/v1/epss?cve=CVE-2024-44187
epss	0.00115	https://api.first.org/data/v1/epss?cve=CVE-2024-44187
epss	0.00115	https://api.first.org/data/v1/epss?cve=CVE-2024-44187
epss	0.00115	https://api.first.org/data/v1/epss?cve=CVE-2024-44187
epss	0.00115	https://api.first.org/data/v1/epss?cve=CVE-2024-44187
epss	0.00115	https://api.first.org/data/v1/epss?cve=CVE-2024-44187
epss	0.00115	https://api.first.org/data/v1/epss?cve=CVE-2024-44187
cvssv3.1	6.5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	6.5	https://nvd.nist.gov/vuln/detail/CVE-2024-44187
cvssv3.1	6.5	https://support.apple.com/en-us/121238
ssvc	Track	https://support.apple.com/en-us/121238
cvssv3.1	6.5	https://support.apple.com/en-us/121240
ssvc	Track	https://support.apple.com/en-us/121240
cvssv3.1	6.5	https://support.apple.com/en-us/121241
ssvc	Track	https://support.apple.com/en-us/121241
cvssv3.1	6.5	https://support.apple.com/en-us/121248
ssvc	Track	https://support.apple.com/en-us/121248
cvssv3.1	6.5	https://support.apple.com/en-us/121249
ssvc	Track	https://support.apple.com/en-us/121249
cvssv3.1	6.5	https://support.apple.com/en-us/121250
ssvc	Track	https://support.apple.com/en-us/121250

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-44187.json
		https://api.first.org/data/v1/epss?cve=CVE-2024-44187
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44187
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
121238		https://support.apple.com/en-us/121238
121240		https://support.apple.com/en-us/121240
121241		https://support.apple.com/en-us/121241
121248		https://support.apple.com/en-us/121248
121249		https://support.apple.com/en-us/121249
121250		https://support.apple.com/en-us/121250
2314706		https://bugzilla.redhat.com/show_bug.cgi?id=2314706
cpe:2.3:a:apple:safari::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari::::::::
cpe:2.3:o:apple:ipados::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados::::::::
cpe:2.3:o:apple:iphone_os::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::
cpe:2.3:o:apple:macos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos::::::::
cpe:2.3:o:apple:tvos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::
cpe:2.3:o:apple:visionos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:visionos::::::::
cpe:2.3:o:apple:watchos::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::
CVE-2024-44187		https://nvd.nist.gov/vuln/detail/CVE-2024-44187
RHSA-2024:8180		https://access.redhat.com/errata/RHSA-2024:8180
RHSA-2024:9553		https://access.redhat.com/errata/RHSA-2024:9553
RHSA-2024:9636		https://access.redhat.com/errata/RHSA-2024:9636
RHSA-2025:10364		https://access.redhat.com/errata/RHSA-2025:10364
USN-7079-1		https://usn.ubuntu.com/7079-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-44187.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2024-44187

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/121238

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T13:44:18Z/ Found at https://support.apple.com/en-us/121238

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/121240

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T13:44:18Z/ Found at https://support.apple.com/en-us/121240

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/121241

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T13:44:18Z/ Found at https://support.apple.com/en-us/121241

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/121248

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T13:44:18Z/ Found at https://support.apple.com/en-us/121248

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/121249

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T13:44:18Z/ Found at https://support.apple.com/en-us/121249

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/en-us/121250

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T13:44:18Z/ Found at https://support.apple.com/en-us/121250

Exploit Prediction Scoring System (EPSS)

Percentile	0.30977
EPSS Score	0.00115
Published At	July 30, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:46:43.181242+00:00	Ubuntu USN Importer	Import	https://usn.ubuntu.com/7079-1/	37.0.0