Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/thunderbird@52.3.0-1?arch=el7_4

Type rpm

Namespace redhat

Name thunderbird

Version 52.3.0-1

Qualifiers

arch	el7_4

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-21fd-3bm8-nuhg

vulnerability_id

VCID-21fd-3bm8-nuhg

summary

Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7787.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7787.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7787

reference_id

reference_type

scores

value	0.00979
scoring_system	epss
scoring_elements	0.77094
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7787

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1479206
reference_id	1479206
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1479206

reference_url	https://security.archlinux.org/ASA-201708-18
reference_id	ASA-201708-18
reference_type
scores
url	https://security.archlinux.org/ASA-201708-18

reference_url	https://security.archlinux.org/ASA-201708-3
reference_id	ASA-201708-3
reference_type
scores
url	https://security.archlinux.org/ASA-201708-3

reference_url

https://security.archlinux.org/AVG-375

reference_id

AVG-375

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-375

reference_url

https://security.archlinux.org/AVG-385

reference_id

AVG-385

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-385

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_id

mfsa2017-18

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_id

mfsa2017-19

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_id

mfsa2017-20

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_url	https://access.redhat.com/errata/RHSA-2017:2456
reference_id	RHSA-2017:2456
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2456

reference_url	https://access.redhat.com/errata/RHSA-2017:2534
reference_id	RHSA-2017:2534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2534

fixed_packages

aliases

CVE-2017-7787

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-21fd-3bm8-nuhg

url

VCID-3qw2-tzj7-u3fa

vulnerability_id

VCID-3qw2-tzj7-u3fa

summary

A buffer overflow will occur when viewing a certificate in the certificate manager if the certificate has an extremely long object identifier (OID). This results in a potentially exploitable crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7792.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7792.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7792

reference_id

reference_type

scores

value	0.07363
scoring_system	epss
scoring_elements	0.91851
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1479210
reference_id	1479210
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1479210

reference_url	https://security.archlinux.org/ASA-201708-18
reference_id	ASA-201708-18
reference_type
scores
url	https://security.archlinux.org/ASA-201708-18

reference_url	https://security.archlinux.org/ASA-201708-3
reference_id	ASA-201708-3
reference_type
scores
url	https://security.archlinux.org/ASA-201708-3

reference_url

https://security.archlinux.org/AVG-375

reference_id

AVG-375

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-375

reference_url

https://security.archlinux.org/AVG-385

reference_id

AVG-385

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-385

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_id

mfsa2017-18

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_id

mfsa2017-19

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_id

mfsa2017-20

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_url	https://access.redhat.com/errata/RHSA-2017:2456
reference_id	RHSA-2017:2456
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2456

reference_url	https://access.redhat.com/errata/RHSA-2017:2534
reference_id	RHSA-2017:2534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2534

fixed_packages

aliases

CVE-2017-7792

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-3qw2-tzj7-u3fa

url

VCID-5a6g-h3b1-vqfy

vulnerability_id

VCID-5a6g-h3b1-vqfy

summary

A use-after-free vulnerability can occur while re-computing layout for a marquee element during window resizing where the updated style object is freed while still in use. This results in a potentially exploitable crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7801.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7801.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7801

reference_id

reference_type

scores

value	0.02318
scoring_system	epss
scoring_elements	0.85086
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1479223
reference_id	1479223
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1479223

reference_url	https://security.archlinux.org/ASA-201708-18
reference_id	ASA-201708-18
reference_type
scores
url	https://security.archlinux.org/ASA-201708-18

reference_url	https://security.archlinux.org/ASA-201708-3
reference_id	ASA-201708-3
reference_type
scores
url	https://security.archlinux.org/ASA-201708-3

reference_url

https://security.archlinux.org/AVG-375

reference_id

AVG-375

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-375

reference_url

https://security.archlinux.org/AVG-385

reference_id

AVG-385

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-385

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_id

mfsa2017-18

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_id

mfsa2017-19

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_id

mfsa2017-20

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_url	https://access.redhat.com/errata/RHSA-2017:2456
reference_id	RHSA-2017:2456
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2456

reference_url	https://access.redhat.com/errata/RHSA-2017:2534
reference_id	RHSA-2017:2534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2534

fixed_packages

aliases

CVE-2017-7801

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-5a6g-h3b1-vqfy

url

VCID-74ur-xkr1-a7er

vulnerability_id

VCID-74ur-xkr1-a7er

summary

A use-after-free vulnerability can occur when an editor DOM node is deleted prematurely during tree traversal while still bound to the document. This results in a potentially exploitable crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7809.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7809.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7809

reference_id

reference_type

scores

value	0.02292
scoring_system	epss
scoring_elements	0.85015
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7809

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1479650
reference_id	1479650
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1479650

reference_url	https://security.archlinux.org/ASA-201708-18
reference_id	ASA-201708-18
reference_type
scores
url	https://security.archlinux.org/ASA-201708-18

reference_url	https://security.archlinux.org/ASA-201708-3
reference_id	ASA-201708-3
reference_type
scores
url	https://security.archlinux.org/ASA-201708-3

reference_url

https://security.archlinux.org/AVG-375

reference_id

AVG-375

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-375

reference_url

https://security.archlinux.org/AVG-385

reference_id

AVG-385

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-385

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_id

mfsa2017-18

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_id

mfsa2017-19

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_id

mfsa2017-20

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_url	https://access.redhat.com/errata/RHSA-2017:2456
reference_id	RHSA-2017:2456
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2456

reference_url	https://access.redhat.com/errata/RHSA-2017:2534
reference_id	RHSA-2017:2534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2534

fixed_packages

aliases

CVE-2017-7809

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-74ur-xkr1-a7er

url

VCID-883g-dbap-u7aw

vulnerability_id

VCID-883g-dbap-u7aw

summary

A use-after-free vulnerability can occur when reading an image observer during frame reconstruction after the observer has been freed. This results in a potentially exploitable crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7784.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7784.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7784

reference_id

reference_type

scores

value	0.05217
scoring_system	epss
scoring_elements	0.90112
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7784

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1479201
reference_id	1479201
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1479201

reference_url	https://security.archlinux.org/ASA-201708-18
reference_id	ASA-201708-18
reference_type
scores
url	https://security.archlinux.org/ASA-201708-18

reference_url	https://security.archlinux.org/ASA-201708-3
reference_id	ASA-201708-3
reference_type
scores
url	https://security.archlinux.org/ASA-201708-3

reference_url

https://security.archlinux.org/AVG-375

reference_id

AVG-375

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-375

reference_url

https://security.archlinux.org/AVG-385

reference_id

AVG-385

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-385

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_id

mfsa2017-18

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_id

mfsa2017-19

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_id

mfsa2017-20

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_url	https://access.redhat.com/errata/RHSA-2017:2456
reference_id	RHSA-2017:2456
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2456

reference_url	https://access.redhat.com/errata/RHSA-2017:2534
reference_id	RHSA-2017:2534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2534

fixed_packages

aliases

CVE-2017-7784

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-883g-dbap-u7aw

url

VCID-azwt-6846-1kgm

vulnerability_id

VCID-azwt-6846-1kgm

summary

An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7753.json

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7753.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7753

reference_id

reference_type

scores

value	0.01721
scoring_system	epss
scoring_elements	0.82744
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1479188
reference_id	1479188
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1479188

reference_url	https://security.archlinux.org/ASA-201708-18
reference_id	ASA-201708-18
reference_type
scores
url	https://security.archlinux.org/ASA-201708-18

reference_url	https://security.archlinux.org/ASA-201708-3
reference_id	ASA-201708-3
reference_type
scores
url	https://security.archlinux.org/ASA-201708-3

reference_url

https://security.archlinux.org/AVG-375

reference_id

AVG-375

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-375

reference_url

https://security.archlinux.org/AVG-385

reference_id

AVG-385

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-385

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_id

mfsa2017-18

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_id

mfsa2017-19

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_id

mfsa2017-20

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_url	https://access.redhat.com/errata/RHSA-2017:2456
reference_id	RHSA-2017:2456
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2456

reference_url	https://access.redhat.com/errata/RHSA-2017:2534
reference_id	RHSA-2017:2534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2534

fixed_packages

aliases

CVE-2017-7753

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-azwt-6846-1kgm

url

VCID-f9cy-h7kt-zudr

vulnerability_id

VCID-f9cy-h7kt-zudr

summary

A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7802.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7802.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7802

reference_id

reference_type

scores

value	0.02292
scoring_system	epss
scoring_elements	0.85015
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1479224
reference_id	1479224
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1479224

reference_url	https://security.archlinux.org/ASA-201708-18
reference_id	ASA-201708-18
reference_type
scores
url	https://security.archlinux.org/ASA-201708-18

reference_url	https://security.archlinux.org/ASA-201708-3
reference_id	ASA-201708-3
reference_type
scores
url	https://security.archlinux.org/ASA-201708-3

reference_url

https://security.archlinux.org/AVG-375

reference_id

AVG-375

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-375

reference_url

https://security.archlinux.org/AVG-385

reference_id

AVG-385

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-385

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_id

mfsa2017-18

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_id

mfsa2017-19

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_id

mfsa2017-20

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_url	https://access.redhat.com/errata/RHSA-2017:2456
reference_id	RHSA-2017:2456
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2456

reference_url	https://access.redhat.com/errata/RHSA-2017:2534
reference_id	RHSA-2017:2534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2534

fixed_packages

aliases

CVE-2017-7802

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-f9cy-h7kt-zudr

url

VCID-fznu-jdyc-47hv

vulnerability_id

VCID-fznu-jdyc-47hv

summary

When a page’s content security policy (CSP) header contains a sandbox directive, other directives are ignored. This results in the incorrect enforcement of CSP.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7803.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7803.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7803

reference_id

reference_type

scores

value	0.01098
scoring_system	epss
scoring_elements	0.78358
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1479225
reference_id	1479225
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1479225

reference_url	https://security.archlinux.org/ASA-201708-18
reference_id	ASA-201708-18
reference_type
scores
url	https://security.archlinux.org/ASA-201708-18

reference_url	https://security.archlinux.org/ASA-201708-3
reference_id	ASA-201708-3
reference_type
scores
url	https://security.archlinux.org/ASA-201708-3

reference_url

https://security.archlinux.org/AVG-375

reference_id

AVG-375

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-375

reference_url

https://security.archlinux.org/AVG-385

reference_id

AVG-385

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-385

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_id

mfsa2017-18

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_id

mfsa2017-19

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_id

mfsa2017-20

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_url	https://access.redhat.com/errata/RHSA-2017:2456
reference_id	RHSA-2017:2456
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2456

reference_url	https://access.redhat.com/errata/RHSA-2017:2534
reference_id	RHSA-2017:2534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2534

fixed_packages

aliases

CVE-2017-7803

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-fznu-jdyc-47hv

url

VCID-gcyv-192g-3ygq

vulnerability_id

VCID-gcyv-192g-3ygq

summary

A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7786.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7786.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7786

reference_id

reference_type

scores

value	0.0852
scoring_system	epss
scoring_elements	0.92523
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1479205
reference_id	1479205
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1479205

reference_url	https://security.archlinux.org/ASA-201708-18
reference_id	ASA-201708-18
reference_type
scores
url	https://security.archlinux.org/ASA-201708-18

reference_url	https://security.archlinux.org/ASA-201708-3
reference_id	ASA-201708-3
reference_type
scores
url	https://security.archlinux.org/ASA-201708-3

reference_url

https://security.archlinux.org/AVG-375

reference_id

AVG-375

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-375

reference_url

https://security.archlinux.org/AVG-385

reference_id

AVG-385

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-385

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_id

mfsa2017-18

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_id

mfsa2017-19

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_id

mfsa2017-20

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_url	https://access.redhat.com/errata/RHSA-2017:2456
reference_id	RHSA-2017:2456
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2456

reference_url	https://access.redhat.com/errata/RHSA-2017:2534
reference_id	RHSA-2017:2534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2534

fixed_packages

aliases

CVE-2017-7786

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-gcyv-192g-3ygq

url

VCID-k458-ek4h-4kht

vulnerability_id

VCID-k458-ek4h-4kht

summary

Mozilla developers and community members Masayuki Nakano, Gary Kwong, Ronald Crane, Andrew McCreight, Tyson Smith, Bevis Tseng, Christian Holler, Bryce Van Dyk, Dragana Damjanovic, Kartikaya Gupta, Philipp, Tristan Bourvon, and Andi-Bogdan Postelnicu reported memory safety bugs present in Firefox 54 and Firefox ESR 52.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7779.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7779.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7779

reference_id

reference_type

scores

value	0.01104
scoring_system	epss
scoring_elements	0.78419
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7779

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1479191
reference_id	1479191
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1479191

reference_url	https://security.archlinux.org/ASA-201708-18
reference_id	ASA-201708-18
reference_type
scores
url	https://security.archlinux.org/ASA-201708-18

reference_url	https://security.archlinux.org/ASA-201708-3
reference_id	ASA-201708-3
reference_type
scores
url	https://security.archlinux.org/ASA-201708-3

reference_url

https://security.archlinux.org/AVG-375

reference_id

AVG-375

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-375

reference_url

https://security.archlinux.org/AVG-385

reference_id

AVG-385

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-385

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_id

mfsa2017-18

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_id

mfsa2017-19

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_id

mfsa2017-20

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_url	https://access.redhat.com/errata/RHSA-2017:2456
reference_id	RHSA-2017:2456
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2456

reference_url	https://access.redhat.com/errata/RHSA-2017:2534
reference_id	RHSA-2017:2534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2534

fixed_packages

aliases

CVE-2017-7779

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-k458-ek4h-4kht

url

VCID-md7v-but8-7qdz

vulnerability_id

VCID-md7v-but8-7qdz

summary

On pages containing an iframe, the data: protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7791.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7791.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7791

reference_id

reference_type

scores

value	0.01355
scoring_system	epss
scoring_elements	0.80454
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1479209
reference_id	1479209
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1479209

reference_url	https://security.archlinux.org/ASA-201708-18
reference_id	ASA-201708-18
reference_type
scores
url	https://security.archlinux.org/ASA-201708-18

reference_url	https://security.archlinux.org/ASA-201708-3
reference_id	ASA-201708-3
reference_type
scores
url	https://security.archlinux.org/ASA-201708-3

reference_url

https://security.archlinux.org/AVG-375

reference_id

AVG-375

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-375

reference_url

https://security.archlinux.org/AVG-385

reference_id

AVG-385

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-385

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_id

mfsa2017-18

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_id

mfsa2017-19

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_id

mfsa2017-20

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_url	https://access.redhat.com/errata/RHSA-2017:2456
reference_id	RHSA-2017:2456
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2456

reference_url	https://access.redhat.com/errata/RHSA-2017:2534
reference_id	RHSA-2017:2534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2534

fixed_packages

aliases

CVE-2017-7791

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-md7v-but8-7qdz

url

VCID-p1ry-j666-3qhy

vulnerability_id

VCID-p1ry-j666-3qhy

summary

A use-after-free vulnerability can occur in WebSockets when the object holding the connection is freed before the disconnection operation is finished. This results in an exploitable crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7800.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7800.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7800

reference_id

reference_type

scores

value	0.04285
scoring_system	epss
scoring_elements	0.89037
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1479218
reference_id	1479218
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1479218

reference_url	https://security.archlinux.org/ASA-201708-18
reference_id	ASA-201708-18
reference_type
scores
url	https://security.archlinux.org/ASA-201708-18

reference_url	https://security.archlinux.org/ASA-201708-3
reference_id	ASA-201708-3
reference_type
scores
url	https://security.archlinux.org/ASA-201708-3

reference_url

https://security.archlinux.org/AVG-375

reference_id

AVG-375

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-375

reference_url

https://security.archlinux.org/AVG-385

reference_id

AVG-385

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-385

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_id

mfsa2017-18

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_id

mfsa2017-19

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_id

mfsa2017-20

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_url	https://access.redhat.com/errata/RHSA-2017:2456
reference_id	RHSA-2017:2456
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2456

reference_url	https://access.redhat.com/errata/RHSA-2017:2534
reference_id	RHSA-2017:2534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2534

fixed_packages

aliases

CVE-2017-7800

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-p1ry-j666-3qhy

url

VCID-uww5-29jb-n3gc

vulnerability_id

VCID-uww5-29jb-n3gc

summary

A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifest directory.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7807.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7807.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7807

reference_id

reference_type

scores

value	0.00778
scoring_system	epss
scoring_elements	0.74016
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1479227
reference_id	1479227
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1479227

reference_url	https://security.archlinux.org/ASA-201708-18
reference_id	ASA-201708-18
reference_type
scores
url	https://security.archlinux.org/ASA-201708-18

reference_url	https://security.archlinux.org/ASA-201708-3
reference_id	ASA-201708-3
reference_type
scores
url	https://security.archlinux.org/ASA-201708-3

reference_url

https://security.archlinux.org/AVG-375

reference_id

AVG-375

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-375

reference_url

https://security.archlinux.org/AVG-385

reference_id

AVG-385

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-385

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_id

mfsa2017-18

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_id

mfsa2017-19

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_id

mfsa2017-20

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_url	https://access.redhat.com/errata/RHSA-2017:2456
reference_id	RHSA-2017:2456
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2456

reference_url	https://access.redhat.com/errata/RHSA-2017:2534
reference_id	RHSA-2017:2534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2534

fixed_packages

aliases

CVE-2017-7807

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-uww5-29jb-n3gc

url

VCID-x2hg-g7n3-8qbw

vulnerability_id

VCID-x2hg-g7n3-8qbw

summary

A buffer overflow can occur when manipulating Accessible Rich Internet Applications (ARIA) attributes within the DOM. This results in a potentially exploitable crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7785.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7785.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7785

reference_id

reference_type

scores

value	0.08433
scoring_system	epss
scoring_elements	0.92484
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7785

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1479203
reference_id	1479203
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1479203

reference_url	https://security.archlinux.org/ASA-201708-18
reference_id	ASA-201708-18
reference_type
scores
url	https://security.archlinux.org/ASA-201708-18

reference_url	https://security.archlinux.org/ASA-201708-3
reference_id	ASA-201708-3
reference_type
scores
url	https://security.archlinux.org/ASA-201708-3

reference_url

https://security.archlinux.org/AVG-375

reference_id

AVG-375

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-375

reference_url

https://security.archlinux.org/AVG-385

reference_id

AVG-385

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-385

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_id

mfsa2017-18

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-18

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_id

mfsa2017-19

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-19

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_id

mfsa2017-20

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-20

reference_url	https://access.redhat.com/errata/RHSA-2017:2456
reference_id	RHSA-2017:2456
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2456

reference_url	https://access.redhat.com/errata/RHSA-2017:2534
reference_id	RHSA-2017:2534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2534

fixed_packages

aliases

CVE-2017-7785

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-x2hg-g7n3-8qbw

Fixing_vulnerabilities

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@52.3.0-1%3Farch=el7_4

Package Instance