{
  "threat_severity" : "Moderate",
  "public_date" : "2024-12-11T22:58:51Z",
  "bugzilla" : {
    "description" : "webkit: Processing maliciously crafted web content may lead to an unexpected process crash",
    "id" : "2333843",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2333843"
  },
  "cvss3" : {
    "cvss3_base_score" : "6.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-125",
  "details" : [ "The issue was addressed with improved checks. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to an unexpected process crash.", "A vulnerability was found in Webkit. Processing maliciously crafted web content may lead to an unexpected process crash." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
    "release_date" : "2025-07-07T00:00:00Z",
    "advisory" : "RHSA-2025:10364",
    "cpe" : "cpe:/o:redhat:rhel_els:7",
    "package" : "webkitgtk4-0:2.48.3-2.el7_9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2025-01-09T00:00:00Z",
    "advisory" : "RHSA-2025:0145",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "webkit2gtk3-0:2.46.5-1.el8_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.2 Advanced Update Support",
    "release_date" : "2025-01-13T00:00:00Z",
    "advisory" : "RHSA-2025:0276",
    "cpe" : "cpe:/a:redhat:rhel_aus:8.2",
    "package" : "webkit2gtk3-0:2.46.5-1.el8_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
    "release_date" : "2025-01-13T00:00:00Z",
    "advisory" : "RHSA-2025:0278",
    "cpe" : "cpe:/a:redhat:rhel_aus:8.4",
    "package" : "webkit2gtk3-0:2.46.5-1.el8_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
    "release_date" : "2025-01-13T00:00:00Z",
    "advisory" : "RHSA-2025:0278",
    "cpe" : "cpe:/a:redhat:rhel_tus:8.4",
    "package" : "webkit2gtk3-0:2.46.5-1.el8_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
    "release_date" : "2025-01-13T00:00:00Z",
    "advisory" : "RHSA-2025:0278",
    "cpe" : "cpe:/a:redhat:rhel_e4s:8.4",
    "package" : "webkit2gtk3-0:2.46.5-1.el8_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
    "release_date" : "2025-01-13T00:00:00Z",
    "advisory" : "RHSA-2025:0277",
    "cpe" : "cpe:/a:redhat:rhel_aus:8.6",
    "package" : "webkit2gtk3-0:2.46.5-1.el8_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
    "release_date" : "2025-01-13T00:00:00Z",
    "advisory" : "RHSA-2025:0277",
    "cpe" : "cpe:/a:redhat:rhel_tus:8.6",
    "package" : "webkit2gtk3-0:2.46.5-1.el8_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
    "release_date" : "2025-01-13T00:00:00Z",
    "advisory" : "RHSA-2025:0277",
    "cpe" : "cpe:/a:redhat:rhel_e4s:8.6",
    "package" : "webkit2gtk3-0:2.46.5-1.el8_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.8 Extended Update Support",
    "release_date" : "2025-01-13T00:00:00Z",
    "advisory" : "RHSA-2025:0279",
    "cpe" : "cpe:/a:redhat:rhel_eus:8.8",
    "package" : "webkit2gtk3-0:2.46.5-1.el8_8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2025-01-09T00:00:00Z",
    "advisory" : "RHSA-2025:0146",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "webkit2gtk3-0:2.46.5-1.el9_5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
    "release_date" : "2025-01-13T00:00:00Z",
    "advisory" : "RHSA-2025:0283",
    "cpe" : "cpe:/a:redhat:rhel_e4s:9.0",
    "package" : "webkit2gtk3-0:2.46.5-1.el9_0"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.2 Extended Update Support",
    "release_date" : "2025-01-13T00:00:00Z",
    "advisory" : "RHSA-2025:0282",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.2",
    "package" : "webkit2gtk3-0:2.46.5-1.el9_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.4 Extended Update Support",
    "release_date" : "2025-01-09T00:00:00Z",
    "advisory" : "RHSA-2025:0226",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.4",
    "package" : "webkit2gtk3-0:2.46.5-1.el9_4"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "webkitgtk",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Will not fix",
    "package_name" : "webkitgtk3",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2024-54502\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-54502\nhttps://support.apple.com/en-us/121837\nhttps://support.apple.com/en-us/121839\nhttps://support.apple.com/en-us/121843\nhttps://support.apple.com/en-us/121844\nhttps://support.apple.com/en-us/121845\nhttps://support.apple.com/en-us/121846" ],
  "name" : "CVE-2024-54502",
  "csaw" : false
}