Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/371574?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/371574?format=api", "purl": "pkg:alpm/archlinux/firefox@51.0.1-1", "type": "alpm", "namespace": "archlinux", "name": "firefox", "version": "51.0.1-1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "52.0-1", "latest_non_vulnerable_version": "101.0-1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62815?format=api", "vulnerability_id": "VCID-22xt-tnu1-gyhu", "summary": "An attack can use a blob URL and script to spoof an arbitrary addressbar URL prefaced by blob: as the protocol, leading to user confusion and further spoofing attacks.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5415", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.29152", "scoring_system": "epss", "scoring_elements": "0.966", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.29152", "scoring_system": "epss", "scoring_elements": "0.96551", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.29152", "scoring_system": "epss", "scoring_elements": "0.96579", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.29152", "scoring_system": "epss", "scoring_elements": "0.96582", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.29152", "scoring_system": "epss", "scoring_elements": "0.96585", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.29152", "scoring_system": "epss", "scoring_elements": "0.96591", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.29152", "scoring_system": "epss", "scoring_elements": "0.96597", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.29152", "scoring_system": "epss", "scoring_elements": "0.96561", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.29152", "scoring_system": "epss", "scoring_elements": "0.96566", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.29152", "scoring_system": "epss", "scoring_elements": "0.96569", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.29152", "scoring_system": "epss", "scoring_elements": "0.96577", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5415" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1321719", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1321719" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://github.com/649/CVE-2017-5415/tree/209b7ae6882a18ae51b1222a68c040a3bc9a8bc5", "reference_id": "CVE-2017-5415", "reference_type": "exploit", "scores": [], "url": "https://github.com/649/CVE-2017-5415/tree/209b7ae6882a18ae51b1222a68c040a3bc9a8bc5" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/44266.html", "reference_id": "CVE-2017-5415", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/44266.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5415", "reference_id": "CVE-2017-5415", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5415" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "aliases": [ "CVE-2017-5415" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-22xt-tnu1-gyhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62820?format=api", "vulnerability_id": "VCID-3dy5-4e6w-3kgt", "summary": "A non-existent chrome.manifest file will attempt to be loaded during startup from the primary installation directory. If a malicious user with local access puts chrome.manifest and other referenced files in this directory, they will be loaded and activated during startup. This could result in malicious software being added without consent or modification of referenced installed files.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5427", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26879", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27048", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27029", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27032", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26988", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26931", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26941", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27088", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27124", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26915", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26983", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5427" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1295542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1295542" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:S/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5427", "reference_id": "CVE-2017-5427", "reference_type": "", "scores": [ { "value": "1.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5427" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "aliases": [ "CVE-2017-5427" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3dy5-4e6w-3kgt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31911?format=api", "vulnerability_id": "VCID-3ehk-593t-abcp", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5408.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5408.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77747", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77692", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77675", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77703", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77708", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77734", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77718", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77717", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77754", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77753", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77658", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77665", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5408" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1313711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1313711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96693" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429784", "reference_id": "1429784", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429784" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5408", "reference_id": "CVE-2017-5408", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5408" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "aliases": [ "CVE-2017-5408" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ehk-593t-abcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31904?format=api", "vulnerability_id": "VCID-3nup-1513-ybaq", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5400.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5400.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.77008", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.76945", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.76928", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.7696", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.76971", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.76999", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.76978", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.76973", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.77013", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.77015", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.76909", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.76915", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5400" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1334933", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1334933" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96654", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96654" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429778", "reference_id": "1429778", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429778" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5400", "reference_id": "CVE-2017-5400", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5400" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "aliases": [ "CVE-2017-5400" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3nup-1513-ybaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31912?format=api", "vulnerability_id": "VCID-3tww-nhmh-gua6", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5410.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5410.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85468", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85464", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.8544", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85367", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85443", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85445", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85431", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85422", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85401", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85398", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85379", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5410" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1330687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1330687" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96693" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429783", "reference_id": "1429783", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429783" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5410", "reference_id": "CVE-2017-5410", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5410" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "aliases": [ "CVE-2017-5410" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3tww-nhmh-gua6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31910?format=api", "vulnerability_id": "VCID-667g-8khd-kkhm", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5407.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5407.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77509", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77458", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77438", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77468", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77477", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77503", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77484", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.7748", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77519", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77516", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77426", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77433", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5407" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1336622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1336622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96693" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429782", "reference_id": "1429782", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429782" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5407", "reference_id": "CVE-2017-5407", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5407" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "aliases": [ "CVE-2017-5407" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-667g-8khd-kkhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62814?format=api", "vulnerability_id": "VCID-6b9m-3w58-qydd", "summary": "The file picker dialog can choose and display the wrong local default directory when instantiated. On some operating systems, this can lead to information disclosure, such as the operating system or the local account name.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5414", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32388", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32464", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32468", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.3243", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32403", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.3244", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32417", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.3238", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.3253", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32565", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32389", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32437", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5414" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1319370", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1319370" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5414", "reference_id": "CVE-2017-5414", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:C/I:N/A:N" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5414" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "aliases": [ "CVE-2017-5414" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6b9m-3w58-qydd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62808?format=api", "vulnerability_id": "VCID-6m1t-sn26-fbaf", "summary": "When adding a range to an object in the DOM, it is possible to use addRange to add the range to an incorrect root object. This triggers a use-after-free, resulting in a potentially exploitable crash.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5403", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66706", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66696", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66715", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66703", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66673", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66707", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66721", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66592", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66632", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66659", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66681", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5403" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1340186", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1340186" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96691", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96691" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5403", "reference_id": "CVE-2017-5403", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5403" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "aliases": [ "CVE-2017-5403" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6m1t-sn26-fbaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62825?format=api", "vulnerability_id": "VCID-6wce-w5a8-2qet", "summary": "If a malicious site uses the view-source: protocol in a series within a single hyperlink, it can trigger a non-exploitable browser crash when the hyperlink is selected. This was fixed by no longer making view-source: linkable.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5422", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.7285", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72807", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72832", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72815", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72806", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72848", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72858", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72752", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72759", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72779", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72755", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72794", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5422" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1295002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1295002" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5422", "reference_id": "CVE-2017-5422", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5422" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "aliases": [ "CVE-2017-5422" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6wce-w5a8-2qet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62817?format=api", "vulnerability_id": "VCID-6wy1-juan-8ua8", "summary": "When dragging content from the primary browser pane to the addressbar on a malicious site, it is possible to change the addressbar so that the displayed location following navigation does not match the URL of the newly loaded page. This allows for spoofing attacks.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5417", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58789", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58661", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58786", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58793", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58811", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58773", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58806", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58744", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58765", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58733", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5417" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=791597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=791597" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5417", "reference_id": "CVE-2017-5417", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5417" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "aliases": [ "CVE-2017-5417" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6wy1-juan-8ua8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31905?format=api", "vulnerability_id": "VCID-dxr7-qubc-tyb7", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5401.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5401.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.8444", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84437", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84414", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84343", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84418", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84425", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84407", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84402", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.8438", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84378", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84357", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5401" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1328861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1328861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96677", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96677" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429779", "reference_id": "1429779", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429779" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5401", "reference_id": "CVE-2017-5401", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5401" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "aliases": [ "CVE-2017-5401" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dxr7-qubc-tyb7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62813?format=api", "vulnerability_id": "VCID-ecmf-7x8a-jugv", "summary": "A segmentation fault can occur during some bidirectional layout operations.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5413", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00564", "scoring_system": "epss", "scoring_elements": "0.6842", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00564", "scoring_system": "epss", "scoring_elements": "0.68409", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00564", "scoring_system": "epss", "scoring_elements": "0.68436", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00564", "scoring_system": "epss", "scoring_elements": "0.68424", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00564", "scoring_system": "epss", "scoring_elements": "0.68391", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00564", "scoring_system": "epss", "scoring_elements": "0.68428", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00564", "scoring_system": "epss", "scoring_elements": "0.68442", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00564", "scoring_system": "epss", "scoring_elements": "0.68325", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00564", "scoring_system": "epss", "scoring_elements": "0.68345", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00564", "scoring_system": "epss", "scoring_elements": "0.68364", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00564", "scoring_system": "epss", "scoring_elements": "0.68341", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00564", "scoring_system": "epss", "scoring_elements": "0.68392", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5413" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1337504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1337504" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5413", "reference_id": "CVE-2017-5413", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5413" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "aliases": [ "CVE-2017-5413" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ecmf-7x8a-jugv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62826?format=api", "vulnerability_id": "VCID-erx8-1tfq-kyce", "summary": "Mozilla developers and community members Carsten Book, Calixte Denizet, Christian Holler, Andrew McCreight, David Bolter, David Keeler, Jon Coppeard, Tyson Smith, Ronald Crane, Tooru Fujisawa, Ben Kelly, Bob Owen, Jed Davis, Julian Seward, Julian Hector, Philipp, Markus Stange, and André Bargull reported memory safety bugs present in Firefox 51. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5399", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72724", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72682", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72705", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72688", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72678", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.7272", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72731", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72627", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72635", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72652", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.7263", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72669", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5399" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332569%2C1315248%2C1261335%2C1321038%2C1331771%2C1339566%2C1339591%2C1240893%2C1341905%2C1323241%2C1336467%2C1270288%2C1295299%2C1296024%2C1304201%2C1306142%2C1307557%2C1308036%2C1334246%2C1334290%2C1317085%2C1339116%2C1324000%2C1323150%2C1332501%2C1320894%2C1333752%2C1303713%2C1321566%2C1264053%2C1343513", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332569%2C1315248%2C1261335%2C1321038%2C1331771%2C1339566%2C1339591%2C1240893%2C1341905%2C1323241%2C1336467%2C1270288%2C1295299%2C1296024%2C1304201%2C1306142%2C1307557%2C1308036%2C1334246%2C1334290%2C1317085%2C1339116%2C1324000%2C1323150%2C1332501%2C1320894%2C1333752%2C1303713%2C1321566%2C1264053%2C1343513" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5399", "reference_id": "CVE-2017-5399", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5399" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "aliases": [ "CVE-2017-5399" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-erx8-1tfq-kyce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62816?format=api", "vulnerability_id": "VCID-gshc-3brh-c3dr", "summary": "In certain circumstances a networking event listener can be prematurely released. This appears to result in a null dereference in practice.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5416", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.75005", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.7498", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.75002", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.74981", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.74971", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.75008", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.75015", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.74927", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.7493", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.74959", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.74933", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.74967", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5416" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1328121", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1328121" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5416", "reference_id": "CVE-2017-5416", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5416" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "aliases": [ "CVE-2017-5416" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gshc-3brh-c3dr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31907?format=api", "vulnerability_id": "VCID-jwze-7mfw-r3ax", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5404.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5404.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95698", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95696", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95692", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95649", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95684", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95682", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95678", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95674", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95666", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95663", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95658", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5404" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1340138", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1340138" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.exploit-db.com/exploits/41660/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/41660/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96664", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96664" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429781", "reference_id": "1429781", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429781" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5404", "reference_id": "CVE-2017-5404", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5404" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1130", "reference_id": "CVE-2017-5404;MFSA2017-05", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1130" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/41660.html", "reference_id": "CVE-2017-5404;MFSA2017-05", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/41660.html" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "aliases": [ "CVE-2017-5404" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jwze-7mfw-r3ax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31906?format=api", "vulnerability_id": "VCID-npyt-d8qr-wqdj", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5402.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5402.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.85349", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.85289", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.85292", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.85313", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.85322", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.85336", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.85333", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.8533", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.8535", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.85352", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.85258", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.8527", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5402" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1334876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1334876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96664", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96664" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429780", "reference_id": "1429780", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429780" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5402", "reference_id": "CVE-2017-5402", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5402" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "aliases": [ "CVE-2017-5402" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-npyt-d8qr-wqdj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62823?format=api", "vulnerability_id": "VCID-qdc5-1z7p-zqar", "summary": "A javascript: url loaded by a malicious page can obfuscate its location by blanking the URL displayed in the addressbar, allowing for an attacker to spoof an existing page without the malicious page's address being displayed correctly.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5420", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60651", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60492", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60652", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60637", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60616", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60658", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60664", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60566", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60594", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60563", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60612", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60628", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5420" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1284395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1284395" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5420", "reference_id": "CVE-2017-5420", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5420" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "aliases": [ "CVE-2017-5420" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qdc5-1z7p-zqar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31903?format=api", "vulnerability_id": "VCID-r8en-yg26-w3a1", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5398.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5398.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87168", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87163", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87147", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87095", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87151", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87157", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87144", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87136", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87116", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87123", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87106", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5398" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332550%2C1332597%2C1338383%2C1321612%2C1322971%2C1333568%2C1333887%2C1335450%2C1325052%2C1324379%2C1336510", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332550%2C1332597%2C1338383%2C1321612%2C1322971%2C1333568%2C1333887%2C1335450%2C1325052%2C1324379%2C1336510" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96651", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96651" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429786", "reference_id": "1429786", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429786" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5398", "reference_id": "CVE-2017-5398", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5398" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "aliases": [ "CVE-2017-5398" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r8en-yg26-w3a1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62824?format=api", "vulnerability_id": "VCID-re3h-pcpx-puhe", "summary": "A malicious site could spoof the contents of the print preview window if popup windows are enabled, resulting in user confusion of what site is currently loaded.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5421", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.61073", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.61056", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.61077", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.61063", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.61043", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.61084", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.61089", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.60921", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.60998", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.61026", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.60991", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.61039", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5421" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1301876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1301876" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5421", "reference_id": "CVE-2017-5421", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5421" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "aliases": [ "CVE-2017-5421" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-re3h-pcpx-puhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62819?format=api", "vulnerability_id": "VCID-rff5-96dg-qqgp", "summary": "On Linux, if the secure computing mode BPF (seccomp-bpf) filter is running when the Gecko Media Plugin sandbox is started, the sandbox fails to be applied and items that would run within the sandbox are run protected only by the running filter which is typically weak compared to the sandbox. *Note: this issue only affects Linux. Other operating systems are not affected.*", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5426", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53688", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53648", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53697", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53681", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53664", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53701", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53706", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53578", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53602", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.5363", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53599", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.5365", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5426" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1257361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1257361" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96694", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96694" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5426", "reference_id": "CVE-2017-5426", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5426" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "aliases": [ "CVE-2017-5426" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rff5-96dg-qqgp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62812?format=api", "vulnerability_id": "VCID-ssxw-2rbk-cyfe", "summary": "A buffer overflow read during SVG filter color value operations, resulting in data exposure.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5412", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58269", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58277", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58282", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.583", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58257", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58289", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58291", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58143", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58228", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58249", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58223", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5412" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1328323", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1328323" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5412", "reference_id": "CVE-2017-5412", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5412" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "aliases": [ "CVE-2017-5412" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ssxw-2rbk-cyfe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31909?format=api", "vulnerability_id": "VCID-t4bj-qz9s-s7eb", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5405.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5405.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84922", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84859", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84861", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84883", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.8489", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84909", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84907", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84902", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84923", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84924", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84826", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84841", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5405" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1336699", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1336699" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96693" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429785", "reference_id": "1429785", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429785" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5405", "reference_id": "CVE-2017-5405", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5405" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "aliases": [ "CVE-2017-5405" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t4bj-qz9s-s7eb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62809?format=api", "vulnerability_id": "VCID-w67x-2qg8-v7gv", "summary": "A segmentation fault can occur in the Skia graphics library during some canvas operations due to issues with mask/clip intersection and empty masks.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5406", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.7285", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72807", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72832", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72815", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72806", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72848", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72858", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72752", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72759", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72779", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72755", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72794", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5406" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306890" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5406", "reference_id": "CVE-2017-5406", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5406" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "aliases": [ "CVE-2017-5406" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w67x-2qg8-v7gv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62821?format=api", "vulnerability_id": "VCID-w7g1-ub97-gqdd", "summary": "An out of bounds read error occurs when parsing some HTTP digest authorization responses, resulting in information leakage through the reading of random memory containing matches to specifically set patterns.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5418", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66935", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.6693", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.6695", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66936", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66904", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66938", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66952", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.6683", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66869", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66895", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66868", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66916", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5418" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1338876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1338876" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5418", "reference_id": "CVE-2017-5418", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5418" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "aliases": [ "CVE-2017-5418" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w7g1-ub97-gqdd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62822?format=api", "vulnerability_id": "VCID-zpz5-xyxk-4fby", "summary": "If a malicious site repeatedly triggers a modal authentication prompt, eventually the browser UI will become non-responsive, requiring shutdown through the operating system. This is a denial of service (DOS) attack.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5419", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00907", "scoring_system": "epss", "scoring_elements": "0.75785", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00907", "scoring_system": "epss", "scoring_elements": "0.75747", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00907", "scoring_system": "epss", "scoring_elements": "0.75758", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00907", "scoring_system": "epss", "scoring_elements": "0.75782", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00907", "scoring_system": "epss", "scoring_elements": "0.75764", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00907", "scoring_system": "epss", "scoring_elements": "0.75796", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00907", "scoring_system": "epss", "scoring_elements": "0.758", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00907", "scoring_system": "epss", "scoring_elements": "0.75701", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00907", "scoring_system": "epss", "scoring_elements": "0.75703", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00907", "scoring_system": "epss", "scoring_elements": "0.75734", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00907", "scoring_system": "epss", "scoring_elements": "0.75713", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5419" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1312243", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1312243" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5419", "reference_id": "CVE-2017-5419", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5419" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "aliases": [ "CVE-2017-5419" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zpz5-xyxk-4fby" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62903?format=api", "vulnerability_id": "VCID-4z19-eyh7-9yf4", "summary": "The existence of a specifically requested local file can be found due to the double firing of the onerror when the source attribute on a <track> tag refers to a file that does not exist if the source page is loaded locally.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5387", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31882", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31895", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31971", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31931", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31897", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.3191", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.32022", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.32063", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31886", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31938", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31967", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5387" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1295023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1295023" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "http://www.securityfocus.com/bid/95763", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95763" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5387", "reference_id": "CVE-2017-5387", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5387" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371574?format=api", "purl": "pkg:alpm/archlinux/firefox@51.0.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22xt-tnu1-gyhu" }, { "vulnerability": "VCID-3dy5-4e6w-3kgt" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-6b9m-3w58-qydd" }, { "vulnerability": "VCID-6m1t-sn26-fbaf" }, { "vulnerability": "VCID-6wce-w5a8-2qet" }, { "vulnerability": "VCID-6wy1-juan-8ua8" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecmf-7x8a-jugv" }, { "vulnerability": "VCID-erx8-1tfq-kyce" }, { "vulnerability": "VCID-gshc-3brh-c3dr" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-qdc5-1z7p-zqar" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-re3h-pcpx-puhe" }, { "vulnerability": "VCID-rff5-96dg-qqgp" }, { "vulnerability": "VCID-ssxw-2rbk-cyfe" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-w67x-2qg8-v7gv" }, { "vulnerability": "VCID-w7g1-ub97-gqdd" }, { "vulnerability": "VCID-zpz5-xyxk-4fby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1" } ], "aliases": [ "CVE-2017-5387" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4z19-eyh7-9yf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41541?format=api", "vulnerability_id": "VCID-5n3q-eby7-67de", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5373.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5373.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82822", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82744", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82741", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82767", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82774", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.8279", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82785", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82781", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82819", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82714", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.8273", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5373" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1322315%2C1328834%2C1322420%2C1285833%2C1285960%2C1328251%2C1331058%2C1325938%2C1325877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1322315%2C1328834%2C1322420%2C1285833%2C1285960%2C1328251%2C1331058%2C1325938%2C1325877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3771" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-02/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-02/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-03/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-03/" }, { "reference_url": "http://www.securityfocus.com/bid/95762", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95762" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1415924", "reference_id": "1415924", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1415924" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/ASA-201701-40", "reference_id": "ASA-201701-40", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-40" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://security.archlinux.org/AVG-158", "reference_id": "AVG-158", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-158" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5373", "reference_id": "CVE-2017-5373", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5373" }, { "reference_url": "https://security.gentoo.org/glsa/201702-13", "reference_id": "GLSA-201702-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-13" }, { "reference_url": "https://security.gentoo.org/glsa/201702-22", "reference_id": "GLSA-201702-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-22" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02", "reference_id": "mfsa2017-02", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03", "reference_id": "mfsa2017-03", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0190", "reference_id": "RHSA-2017:0190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0238", "reference_id": "RHSA-2017:0238", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0238" }, { "reference_url": "https://usn.ubuntu.com/3165-1/", "reference_id": "USN-3165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3165-1/" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371574?format=api", "purl": "pkg:alpm/archlinux/firefox@51.0.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22xt-tnu1-gyhu" }, { "vulnerability": "VCID-3dy5-4e6w-3kgt" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-6b9m-3w58-qydd" }, { "vulnerability": "VCID-6m1t-sn26-fbaf" }, { "vulnerability": "VCID-6wce-w5a8-2qet" }, { "vulnerability": "VCID-6wy1-juan-8ua8" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecmf-7x8a-jugv" }, { "vulnerability": "VCID-erx8-1tfq-kyce" }, { "vulnerability": "VCID-gshc-3brh-c3dr" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-qdc5-1z7p-zqar" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-re3h-pcpx-puhe" }, { "vulnerability": "VCID-rff5-96dg-qqgp" }, { "vulnerability": "VCID-ssxw-2rbk-cyfe" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-w67x-2qg8-v7gv" }, { "vulnerability": "VCID-w7g1-ub97-gqdd" }, { "vulnerability": "VCID-zpz5-xyxk-4fby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1" } ], "aliases": [ "CVE-2017-5373" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5n3q-eby7-67de" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41545?format=api", "vulnerability_id": "VCID-84kk-wfxx-t3c8", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5380.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5380.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82822", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82744", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82741", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82767", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82774", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.8279", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82785", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82781", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82819", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82714", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.8273", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5380" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1322107", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1322107" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3771" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-02/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-02/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-03/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-03/" }, { "reference_url": "http://www.securityfocus.com/bid/95769", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95769" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416274", "reference_id": "1416274", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416274" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/ASA-201701-40", "reference_id": "ASA-201701-40", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-40" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://security.archlinux.org/AVG-158", "reference_id": "AVG-158", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-158" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5380", "reference_id": "CVE-2017-5380", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5380" }, { "reference_url": "https://security.gentoo.org/glsa/201702-13", "reference_id": "GLSA-201702-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-13" }, { "reference_url": "https://security.gentoo.org/glsa/201702-22", "reference_id": "GLSA-201702-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-22" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02", "reference_id": "mfsa2017-02", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03", "reference_id": "mfsa2017-03", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0190", "reference_id": "RHSA-2017:0190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0238", "reference_id": "RHSA-2017:0238", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0238" }, { "reference_url": "https://usn.ubuntu.com/3165-1/", "reference_id": "USN-3165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3165-1/" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371574?format=api", "purl": "pkg:alpm/archlinux/firefox@51.0.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22xt-tnu1-gyhu" }, { "vulnerability": "VCID-3dy5-4e6w-3kgt" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-6b9m-3w58-qydd" }, { "vulnerability": "VCID-6m1t-sn26-fbaf" }, { "vulnerability": "VCID-6wce-w5a8-2qet" }, { "vulnerability": "VCID-6wy1-juan-8ua8" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecmf-7x8a-jugv" }, { "vulnerability": "VCID-erx8-1tfq-kyce" }, { "vulnerability": "VCID-gshc-3brh-c3dr" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-qdc5-1z7p-zqar" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-re3h-pcpx-puhe" }, { "vulnerability": "VCID-rff5-96dg-qqgp" }, { "vulnerability": "VCID-ssxw-2rbk-cyfe" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-w67x-2qg8-v7gv" }, { "vulnerability": "VCID-w7g1-ub97-gqdd" }, { "vulnerability": "VCID-zpz5-xyxk-4fby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1" } ], "aliases": [ "CVE-2017-5380" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-84kk-wfxx-t3c8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62901?format=api", "vulnerability_id": "VCID-af6b-4jqc-fugx", "summary": "The mozAddonManager allows for the installation of extensions from the CDN for addons.mozilla.org, a publicly accessible site. This could allow malicious extensions to install additional extensions from the CDN in combination with an XSS attack on Mozilla AMO sites.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5393", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00466", "scoring_system": "epss", "scoring_elements": "0.6444", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00466", "scoring_system": "epss", "scoring_elements": "0.64322", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00466", "scoring_system": "epss", "scoring_elements": "0.64442", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00466", "scoring_system": "epss", "scoring_elements": "0.64401", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00466", "scoring_system": "epss", "scoring_elements": "0.64435", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00466", "scoring_system": "epss", "scoring_elements": "0.64447", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00466", "scoring_system": "epss", "scoring_elements": "0.64376", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00466", "scoring_system": "epss", "scoring_elements": "0.64405", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00466", "scoring_system": "epss", "scoring_elements": "0.64366", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00466", "scoring_system": "epss", "scoring_elements": "0.64414", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00466", "scoring_system": "epss", "scoring_elements": "0.64429", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5393" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1309282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1309282" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "http://www.securityfocus.com/bid/95763", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95763" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5393", "reference_id": "CVE-2017-5393", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5393" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371574?format=api", "purl": "pkg:alpm/archlinux/firefox@51.0.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22xt-tnu1-gyhu" }, { "vulnerability": "VCID-3dy5-4e6w-3kgt" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-6b9m-3w58-qydd" }, { "vulnerability": "VCID-6m1t-sn26-fbaf" }, { "vulnerability": "VCID-6wce-w5a8-2qet" }, { "vulnerability": "VCID-6wy1-juan-8ua8" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecmf-7x8a-jugv" }, { "vulnerability": "VCID-erx8-1tfq-kyce" }, { "vulnerability": "VCID-gshc-3brh-c3dr" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-qdc5-1z7p-zqar" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-re3h-pcpx-puhe" }, { "vulnerability": "VCID-rff5-96dg-qqgp" }, { "vulnerability": "VCID-ssxw-2rbk-cyfe" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-w67x-2qg8-v7gv" }, { "vulnerability": "VCID-w7g1-ub97-gqdd" }, { "vulnerability": "VCID-zpz5-xyxk-4fby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1" } ], "aliases": [ "CVE-2017-5393" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-af6b-4jqc-fugx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62904?format=api", "vulnerability_id": "VCID-ahzr-nr7g-5ue2", "summary": "A STUN server in conjunction with a large number of webkitRTCPeerConnection objects can be used to send large STUN packets in a short period of time due to a lack of rate limiting being applied on e10s systems, allowing for a denial of service attack.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5388", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0128", "scoring_system": "epss", "scoring_elements": "0.79607", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0128", "scoring_system": "epss", "scoring_elements": "0.79526", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0128", "scoring_system": "epss", "scoring_elements": "0.79583", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0128", "scoring_system": "epss", "scoring_elements": "0.79575", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0128", "scoring_system": "epss", "scoring_elements": "0.79605", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0128", "scoring_system": "epss", "scoring_elements": "0.79604", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0128", "scoring_system": "epss", "scoring_elements": "0.79532", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0128", "scoring_system": "epss", "scoring_elements": "0.79555", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0128", "scoring_system": "epss", "scoring_elements": "0.79542", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0128", "scoring_system": "epss", "scoring_elements": "0.7957", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0128", "scoring_system": "epss", "scoring_elements": "0.79578", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0128", "scoring_system": "epss", "scoring_elements": "0.79599", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5388" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1281482", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1281482" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "http://www.securityfocus.com/bid/95763", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95763" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5388", "reference_id": "CVE-2017-5388", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5388" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371574?format=api", "purl": "pkg:alpm/archlinux/firefox@51.0.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22xt-tnu1-gyhu" }, { "vulnerability": "VCID-3dy5-4e6w-3kgt" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-6b9m-3w58-qydd" }, { "vulnerability": "VCID-6m1t-sn26-fbaf" }, { "vulnerability": "VCID-6wce-w5a8-2qet" }, { "vulnerability": "VCID-6wy1-juan-8ua8" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecmf-7x8a-jugv" }, { "vulnerability": "VCID-erx8-1tfq-kyce" }, { "vulnerability": "VCID-gshc-3brh-c3dr" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-qdc5-1z7p-zqar" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-re3h-pcpx-puhe" }, { "vulnerability": "VCID-rff5-96dg-qqgp" }, { "vulnerability": "VCID-ssxw-2rbk-cyfe" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-w67x-2qg8-v7gv" }, { "vulnerability": "VCID-w7g1-ub97-gqdd" }, { "vulnerability": "VCID-zpz5-xyxk-4fby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1" } ], "aliases": [ "CVE-2017-5388" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ahzr-nr7g-5ue2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41546?format=api", "vulnerability_id": "VCID-bjyq-1zfk-eugq", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5383.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5383.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85207", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85146", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85168", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85176", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.8519", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85188", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85185", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85206", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85208", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85113", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85126", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85143", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5383" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1323338", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1323338" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1324716", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1324716" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3771" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-02/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-02/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-03/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-03/" }, { "reference_url": "http://www.securityfocus.com/bid/95769", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95769" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416281", "reference_id": "1416281", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416281" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/ASA-201701-40", "reference_id": "ASA-201701-40", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-40" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://security.archlinux.org/AVG-158", "reference_id": "AVG-158", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-158" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5383", "reference_id": "CVE-2017-5383", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5383" }, { "reference_url": "https://security.gentoo.org/glsa/201702-13", "reference_id": "GLSA-201702-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-13" }, { "reference_url": "https://security.gentoo.org/glsa/201702-22", "reference_id": "GLSA-201702-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-22" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02", "reference_id": "mfsa2017-02", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03", "reference_id": "mfsa2017-03", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0190", "reference_id": "RHSA-2017:0190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0238", "reference_id": "RHSA-2017:0238", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0238" }, { "reference_url": "https://usn.ubuntu.com/3165-1/", "reference_id": "USN-3165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3165-1/" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371574?format=api", "purl": "pkg:alpm/archlinux/firefox@51.0.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22xt-tnu1-gyhu" }, { "vulnerability": "VCID-3dy5-4e6w-3kgt" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-6b9m-3w58-qydd" }, { "vulnerability": "VCID-6m1t-sn26-fbaf" }, { "vulnerability": "VCID-6wce-w5a8-2qet" }, { "vulnerability": "VCID-6wy1-juan-8ua8" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecmf-7x8a-jugv" }, { "vulnerability": "VCID-erx8-1tfq-kyce" }, { "vulnerability": "VCID-gshc-3brh-c3dr" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-qdc5-1z7p-zqar" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-re3h-pcpx-puhe" }, { "vulnerability": "VCID-rff5-96dg-qqgp" }, { "vulnerability": "VCID-ssxw-2rbk-cyfe" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-w67x-2qg8-v7gv" }, { "vulnerability": "VCID-w7g1-ub97-gqdd" }, { "vulnerability": "VCID-zpz5-xyxk-4fby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1" } ], "aliases": [ "CVE-2017-5383" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bjyq-1zfk-eugq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41543?format=api", "vulnerability_id": "VCID-c8p3-ef58-wudt", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5376.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5376.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82822", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82744", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82741", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82767", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82774", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.8279", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82785", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82781", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82819", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82714", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.8273", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5376" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1311687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1311687" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3771" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-02/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-02/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-03/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-03/" }, { "reference_url": "http://www.securityfocus.com/bid/95758", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95758" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416272", "reference_id": "1416272", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416272" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/ASA-201701-40", "reference_id": "ASA-201701-40", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-40" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://security.archlinux.org/AVG-158", "reference_id": "AVG-158", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-158" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5376", "reference_id": "CVE-2017-5376", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5376" }, { "reference_url": "https://security.gentoo.org/glsa/201702-13", "reference_id": "GLSA-201702-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-13" }, { "reference_url": "https://security.gentoo.org/glsa/201702-22", "reference_id": "GLSA-201702-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-22" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02", "reference_id": "mfsa2017-02", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03", "reference_id": "mfsa2017-03", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0190", "reference_id": "RHSA-2017:0190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0238", "reference_id": "RHSA-2017:0238", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0238" }, { "reference_url": "https://usn.ubuntu.com/3165-1/", "reference_id": "USN-3165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3165-1/" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371574?format=api", "purl": "pkg:alpm/archlinux/firefox@51.0.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22xt-tnu1-gyhu" }, { "vulnerability": "VCID-3dy5-4e6w-3kgt" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-6b9m-3w58-qydd" }, { "vulnerability": "VCID-6m1t-sn26-fbaf" }, { "vulnerability": "VCID-6wce-w5a8-2qet" }, { "vulnerability": "VCID-6wy1-juan-8ua8" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecmf-7x8a-jugv" }, { "vulnerability": "VCID-erx8-1tfq-kyce" }, { "vulnerability": "VCID-gshc-3brh-c3dr" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-qdc5-1z7p-zqar" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-re3h-pcpx-puhe" }, { "vulnerability": "VCID-rff5-96dg-qqgp" }, { "vulnerability": "VCID-ssxw-2rbk-cyfe" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-w67x-2qg8-v7gv" }, { "vulnerability": "VCID-w7g1-ub97-gqdd" }, { "vulnerability": "VCID-zpz5-xyxk-4fby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1" } ], "aliases": [ "CVE-2017-5376" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c8p3-ef58-wudt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62896?format=api", "vulnerability_id": "VCID-dv2d-9a59-xkaq", "summary": "Proxy Auto-Config (PAC) files can specify a JavaScript function called for all URL requests with the full URL path which exposes more information than would be sent to the proxy itself in the case of HTTPS. Normally the Proxy Auto-Config file is specified by the user or machine owner and presumed to be non-malicious, but if a user has enabled Web Proxy Auto Detect (WPAD) this file can be served remotely.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5384", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73466", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.7337", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73428", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.7342", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73463", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73471", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73378", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73402", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73374", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73411", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73425", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00764", "scoring_system": "epss", "scoring_elements": "0.73448", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5384" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1255474", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1255474" }, { "reference_url": "https://www.contextis.com//resources/blog/leaking-https-urls-20-year-old-vulnerability/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.contextis.com//resources/blog/leaking-https-urls-20-year-old-vulnerability/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "http://www.securityfocus.com/bid/95763", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95763" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5384", "reference_id": "CVE-2017-5384", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5384" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371574?format=api", "purl": "pkg:alpm/archlinux/firefox@51.0.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22xt-tnu1-gyhu" }, { "vulnerability": "VCID-3dy5-4e6w-3kgt" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-6b9m-3w58-qydd" }, { "vulnerability": "VCID-6m1t-sn26-fbaf" }, { "vulnerability": "VCID-6wce-w5a8-2qet" }, { "vulnerability": "VCID-6wy1-juan-8ua8" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecmf-7x8a-jugv" }, { "vulnerability": "VCID-erx8-1tfq-kyce" }, { "vulnerability": "VCID-gshc-3brh-c3dr" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-qdc5-1z7p-zqar" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-re3h-pcpx-puhe" }, { "vulnerability": "VCID-rff5-96dg-qqgp" }, { "vulnerability": "VCID-ssxw-2rbk-cyfe" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-w67x-2qg8-v7gv" }, { "vulnerability": "VCID-w7g1-ub97-gqdd" }, { "vulnerability": "VCID-zpz5-xyxk-4fby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1" } ], "aliases": [ "CVE-2017-5384" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dv2d-9a59-xkaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62894?format=api", "vulnerability_id": "VCID-e2ww-ngam-cugq", "summary": "The \"export\" function in the Certificate Viewer can force local filesystem navigation when the \"common name\" in a certificate contains slashes, allowing certificate content to be saved in unsafe locations with an arbitrary filename.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5381", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01264", "scoring_system": "epss", "scoring_elements": "0.79474", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01264", "scoring_system": "epss", "scoring_elements": "0.79392", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01264", "scoring_system": "epss", "scoring_elements": "0.79452", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01264", "scoring_system": "epss", "scoring_elements": "0.79441", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01264", "scoring_system": "epss", "scoring_elements": "0.79471", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01264", "scoring_system": "epss", "scoring_elements": "0.7947", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01264", "scoring_system": "epss", "scoring_elements": "0.79399", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01264", "scoring_system": "epss", "scoring_elements": "0.79421", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01264", "scoring_system": "epss", "scoring_elements": "0.79408", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01264", "scoring_system": "epss", "scoring_elements": "0.79436", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01264", "scoring_system": "epss", "scoring_elements": "0.79445", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01264", "scoring_system": "epss", "scoring_elements": "0.79468", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5381" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1017616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1017616" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "http://www.securityfocus.com/bid/95763", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95763" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5381", "reference_id": "CVE-2017-5381", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5381" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371574?format=api", "purl": "pkg:alpm/archlinux/firefox@51.0.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22xt-tnu1-gyhu" }, { "vulnerability": "VCID-3dy5-4e6w-3kgt" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-6b9m-3w58-qydd" }, { "vulnerability": "VCID-6m1t-sn26-fbaf" }, { "vulnerability": "VCID-6wce-w5a8-2qet" }, { "vulnerability": "VCID-6wy1-juan-8ua8" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecmf-7x8a-jugv" }, { "vulnerability": "VCID-erx8-1tfq-kyce" }, { "vulnerability": "VCID-gshc-3brh-c3dr" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-qdc5-1z7p-zqar" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-re3h-pcpx-puhe" }, { "vulnerability": "VCID-rff5-96dg-qqgp" }, { "vulnerability": "VCID-ssxw-2rbk-cyfe" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-w67x-2qg8-v7gv" }, { "vulnerability": "VCID-w7g1-ub97-gqdd" }, { "vulnerability": "VCID-zpz5-xyxk-4fby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1" } ], "aliases": [ "CVE-2017-5381" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e2ww-ngam-cugq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41542?format=api", "vulnerability_id": "VCID-gcen-3yba-a3ht", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5375.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5375.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.60738", "scoring_system": "epss", "scoring_elements": "0.98301", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.60738", "scoring_system": "epss", "scoring_elements": "0.983", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.60738", "scoring_system": "epss", "scoring_elements": "0.98279", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.60738", "scoring_system": "epss", "scoring_elements": "0.98294", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.60738", "scoring_system": "epss", "scoring_elements": "0.9829", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.60738", "scoring_system": "epss", "scoring_elements": "0.98289", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.60738", "scoring_system": "epss", "scoring_elements": "0.98285", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.60738", "scoring_system": "epss", "scoring_elements": "0.98281", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.60738", "scoring_system": "epss", "scoring_elements": "0.98284", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5375" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1325200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1325200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3771" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.exploit-db.com/exploits/42327/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/42327/" }, { "reference_url": "https://www.exploit-db.com/exploits/44293/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/44293/" }, { "reference_url": "https://www.exploit-db.com/exploits/44294/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/44294/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-02/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-02/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-03/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-03/" }, { "reference_url": "http://www.securityfocus.com/bid/95757", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95757" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416271", "reference_id": "1416271", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416271" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/ASA-201701-40", "reference_id": "ASA-201701-40", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-40" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://security.archlinux.org/AVG-158", "reference_id": "AVG-158", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-158" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5375", "reference_id": "CVE-2017-5375", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5375" }, { "reference_url": "https://security.gentoo.org/glsa/201702-13", "reference_id": "GLSA-201702-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-13" }, { "reference_url": "https://security.gentoo.org/glsa/201702-22", "reference_id": "GLSA-201702-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-22" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02", "reference_id": "mfsa2017-02", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03", "reference_id": "mfsa2017-03", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0190", "reference_id": "RHSA-2017:0190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0238", "reference_id": "RHSA-2017:0238", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0238" }, { "reference_url": "https://usn.ubuntu.com/3165-1/", "reference_id": "USN-3165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3165-1/" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371574?format=api", "purl": "pkg:alpm/archlinux/firefox@51.0.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22xt-tnu1-gyhu" }, { "vulnerability": "VCID-3dy5-4e6w-3kgt" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-6b9m-3w58-qydd" }, { "vulnerability": "VCID-6m1t-sn26-fbaf" }, { "vulnerability": "VCID-6wce-w5a8-2qet" }, { "vulnerability": "VCID-6wy1-juan-8ua8" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecmf-7x8a-jugv" }, { "vulnerability": "VCID-erx8-1tfq-kyce" }, { "vulnerability": "VCID-gshc-3brh-c3dr" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-qdc5-1z7p-zqar" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-re3h-pcpx-puhe" }, { "vulnerability": "VCID-rff5-96dg-qqgp" }, { "vulnerability": "VCID-ssxw-2rbk-cyfe" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-w67x-2qg8-v7gv" }, { "vulnerability": "VCID-w7g1-ub97-gqdd" }, { "vulnerability": "VCID-zpz5-xyxk-4fby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1" } ], "aliases": [ "CVE-2017-5375" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gcen-3yba-a3ht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62891?format=api", "vulnerability_id": "VCID-hhtb-ha1v-tffj", "summary": "A memory corruption vulnerability in Skia that can occur when using transforms to make gradients, resulting in a potentially exploitable crash.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5377", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.83024", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.82917", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.82991", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.82985", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.82981", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.8302", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.82934", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.82946", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.82943", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.82968", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.82975", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5377" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306883", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306883" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "http://www.securityfocus.com/bid/95761", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95761" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5377", "reference_id": "CVE-2017-5377", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5377" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371574?format=api", "purl": "pkg:alpm/archlinux/firefox@51.0.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22xt-tnu1-gyhu" }, { "vulnerability": "VCID-3dy5-4e6w-3kgt" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-6b9m-3w58-qydd" }, { "vulnerability": "VCID-6m1t-sn26-fbaf" }, { "vulnerability": "VCID-6wce-w5a8-2qet" }, { "vulnerability": "VCID-6wy1-juan-8ua8" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecmf-7x8a-jugv" }, { "vulnerability": "VCID-erx8-1tfq-kyce" }, { "vulnerability": "VCID-gshc-3brh-c3dr" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-qdc5-1z7p-zqar" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-re3h-pcpx-puhe" }, { "vulnerability": "VCID-rff5-96dg-qqgp" }, { "vulnerability": "VCID-ssxw-2rbk-cyfe" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-w67x-2qg8-v7gv" }, { "vulnerability": "VCID-w7g1-ub97-gqdd" }, { "vulnerability": "VCID-zpz5-xyxk-4fby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1" } ], "aliases": [ "CVE-2017-5377" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hhtb-ha1v-tffj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62892?format=api", "vulnerability_id": "VCID-htpg-t39z-nbex", "summary": "Use-after-free vulnerability in Web Animations when interacting with cycle collection found through fuzzing.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5379", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01753", "scoring_system": "epss", "scoring_elements": "0.82612", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01753", "scoring_system": "epss", "scoring_elements": "0.82505", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01753", "scoring_system": "epss", "scoring_elements": "0.82577", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01753", "scoring_system": "epss", "scoring_elements": "0.82571", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01753", "scoring_system": "epss", "scoring_elements": "0.82607", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01753", "scoring_system": "epss", "scoring_elements": "0.82608", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01753", "scoring_system": "epss", "scoring_elements": "0.82519", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01753", "scoring_system": "epss", "scoring_elements": "0.82534", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01753", "scoring_system": "epss", "scoring_elements": "0.82531", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01753", "scoring_system": "epss", "scoring_elements": "0.82557", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01753", "scoring_system": "epss", "scoring_elements": "0.82565", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01753", "scoring_system": "epss", "scoring_elements": "0.82583", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5379" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1309198", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1309198" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "http://www.securityfocus.com/bid/95763", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95763" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5379", "reference_id": "CVE-2017-5379", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5379" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371574?format=api", "purl": "pkg:alpm/archlinux/firefox@51.0.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22xt-tnu1-gyhu" }, { "vulnerability": "VCID-3dy5-4e6w-3kgt" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-6b9m-3w58-qydd" }, { "vulnerability": "VCID-6m1t-sn26-fbaf" }, { "vulnerability": "VCID-6wce-w5a8-2qet" }, { "vulnerability": "VCID-6wy1-juan-8ua8" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecmf-7x8a-jugv" }, { "vulnerability": "VCID-erx8-1tfq-kyce" }, { "vulnerability": "VCID-gshc-3brh-c3dr" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-qdc5-1z7p-zqar" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-re3h-pcpx-puhe" }, { "vulnerability": "VCID-rff5-96dg-qqgp" }, { "vulnerability": "VCID-ssxw-2rbk-cyfe" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-w67x-2qg8-v7gv" }, { "vulnerability": "VCID-w7g1-ub97-gqdd" }, { "vulnerability": "VCID-zpz5-xyxk-4fby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1" } ], "aliases": [ "CVE-2017-5379" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-htpg-t39z-nbex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41548?format=api", "vulnerability_id": "VCID-hyhc-qud7-6uax", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5396.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5396.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01838", "scoring_system": "epss", "scoring_elements": "0.82982", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01838", "scoring_system": "epss", "scoring_elements": "0.82943", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01838", "scoring_system": "epss", "scoring_elements": "0.82878", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01838", "scoring_system": "epss", "scoring_elements": "0.82947", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01838", "scoring_system": "epss", "scoring_elements": "0.82952", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01838", "scoring_system": "epss", "scoring_elements": "0.82936", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01838", "scoring_system": "epss", "scoring_elements": "0.82929", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01838", "scoring_system": "epss", "scoring_elements": "0.82904", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01838", "scoring_system": "epss", "scoring_elements": "0.82907", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01838", "scoring_system": "epss", "scoring_elements": "0.82895", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03206", "scoring_system": "epss", "scoring_elements": "0.87032", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03206", "scoring_system": "epss", "scoring_elements": "0.87035", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5396" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1329403", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1329403" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3771" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-02/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-02/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-03/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-03/" }, { "reference_url": "http://www.securityfocus.com/bid/95769", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95769" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416280", "reference_id": "1416280", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416280" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/ASA-201701-40", "reference_id": "ASA-201701-40", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-40" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://security.archlinux.org/AVG-158", "reference_id": "AVG-158", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-158" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5396", "reference_id": "CVE-2017-5396", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5396" }, { "reference_url": "https://security.gentoo.org/glsa/201702-13", "reference_id": "GLSA-201702-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-13" }, { "reference_url": "https://security.gentoo.org/glsa/201702-22", "reference_id": "GLSA-201702-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-22" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02", "reference_id": "mfsa2017-02", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03", "reference_id": "mfsa2017-03", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0190", "reference_id": "RHSA-2017:0190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0238", "reference_id": "RHSA-2017:0238", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0238" }, { "reference_url": "https://usn.ubuntu.com/3165-1/", "reference_id": "USN-3165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3165-1/" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371574?format=api", "purl": "pkg:alpm/archlinux/firefox@51.0.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22xt-tnu1-gyhu" }, { "vulnerability": "VCID-3dy5-4e6w-3kgt" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-6b9m-3w58-qydd" }, { "vulnerability": "VCID-6m1t-sn26-fbaf" }, { "vulnerability": "VCID-6wce-w5a8-2qet" }, { "vulnerability": "VCID-6wy1-juan-8ua8" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecmf-7x8a-jugv" }, { "vulnerability": "VCID-erx8-1tfq-kyce" }, { "vulnerability": "VCID-gshc-3brh-c3dr" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-qdc5-1z7p-zqar" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-re3h-pcpx-puhe" }, { "vulnerability": "VCID-rff5-96dg-qqgp" }, { "vulnerability": "VCID-ssxw-2rbk-cyfe" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-w67x-2qg8-v7gv" }, { "vulnerability": "VCID-w7g1-ub97-gqdd" }, { "vulnerability": "VCID-zpz5-xyxk-4fby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1" } ], "aliases": [ "CVE-2017-5396" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hyhc-qud7-6uax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41544?format=api", "vulnerability_id": "VCID-m59v-ygc2-qucg", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5378.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5378.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01705", "scoring_system": "epss", "scoring_elements": "0.82347", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01705", "scoring_system": "epss", "scoring_elements": "0.82273", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01705", "scoring_system": "epss", "scoring_elements": "0.82268", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01705", "scoring_system": "epss", "scoring_elements": "0.82295", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01705", "scoring_system": "epss", "scoring_elements": "0.82302", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01705", "scoring_system": "epss", "scoring_elements": "0.82322", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01705", "scoring_system": "epss", "scoring_elements": "0.82315", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01705", "scoring_system": "epss", "scoring_elements": "0.8231", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01705", "scoring_system": "epss", "scoring_elements": "0.82344", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01705", "scoring_system": "epss", "scoring_elements": "0.82241", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01705", "scoring_system": "epss", "scoring_elements": "0.82254", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5378" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1312001", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1312001" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1330769", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1330769" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3771" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-02/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-02/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-03/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-03/" }, { "reference_url": "http://www.securityfocus.com/bid/95769", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95769" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416273", "reference_id": "1416273", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416273" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/ASA-201701-40", "reference_id": "ASA-201701-40", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-40" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://security.archlinux.org/AVG-158", "reference_id": "AVG-158", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-158" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5378", "reference_id": "CVE-2017-5378", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5378" }, { "reference_url": "https://security.gentoo.org/glsa/201702-13", "reference_id": "GLSA-201702-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-13" }, { "reference_url": "https://security.gentoo.org/glsa/201702-22", "reference_id": "GLSA-201702-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-22" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02", "reference_id": "mfsa2017-02", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03", "reference_id": "mfsa2017-03", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0190", "reference_id": "RHSA-2017:0190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0238", "reference_id": "RHSA-2017:0238", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0238" }, { "reference_url": "https://usn.ubuntu.com/3165-1/", "reference_id": "USN-3165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3165-1/" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371574?format=api", "purl": "pkg:alpm/archlinux/firefox@51.0.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22xt-tnu1-gyhu" }, { "vulnerability": "VCID-3dy5-4e6w-3kgt" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-6b9m-3w58-qydd" }, { "vulnerability": "VCID-6m1t-sn26-fbaf" }, { "vulnerability": "VCID-6wce-w5a8-2qet" }, { "vulnerability": "VCID-6wy1-juan-8ua8" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecmf-7x8a-jugv" }, { "vulnerability": "VCID-erx8-1tfq-kyce" }, { "vulnerability": "VCID-gshc-3brh-c3dr" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-qdc5-1z7p-zqar" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-re3h-pcpx-puhe" }, { "vulnerability": "VCID-rff5-96dg-qqgp" }, { "vulnerability": "VCID-ssxw-2rbk-cyfe" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-w67x-2qg8-v7gv" }, { "vulnerability": "VCID-w7g1-ub97-gqdd" }, { "vulnerability": "VCID-zpz5-xyxk-4fby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1" } ], "aliases": [ "CVE-2017-5378" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m59v-ygc2-qucg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62899?format=api", "vulnerability_id": "VCID-qjs9-h3tt-qucf", "summary": "Special about: pages used by web content, such as RSS feeds, can load privileged about: pages in an iframe. If a content-injection bug were found in one of those pages this could allow for potential privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5391", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02446", "scoring_system": "epss", "scoring_elements": "0.85213", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02446", "scoring_system": "epss", "scoring_elements": "0.85119", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02446", "scoring_system": "epss", "scoring_elements": "0.85196", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02446", "scoring_system": "epss", "scoring_elements": "0.85194", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02446", "scoring_system": "epss", "scoring_elements": "0.85191", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02446", "scoring_system": "epss", "scoring_elements": "0.85212", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02446", "scoring_system": "epss", "scoring_elements": "0.85132", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02446", "scoring_system": "epss", "scoring_elements": "0.85149", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02446", "scoring_system": "epss", "scoring_elements": "0.85152", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02446", "scoring_system": "epss", "scoring_elements": "0.85174", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02446", "scoring_system": "epss", "scoring_elements": "0.85182", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5391" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1309310", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1309310" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "http://www.securityfocus.com/bid/95763", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95763" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5391", "reference_id": "CVE-2017-5391", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5391" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371574?format=api", "purl": "pkg:alpm/archlinux/firefox@51.0.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22xt-tnu1-gyhu" }, { "vulnerability": "VCID-3dy5-4e6w-3kgt" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-6b9m-3w58-qydd" }, { "vulnerability": "VCID-6m1t-sn26-fbaf" }, { "vulnerability": "VCID-6wce-w5a8-2qet" }, { "vulnerability": "VCID-6wy1-juan-8ua8" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecmf-7x8a-jugv" }, { "vulnerability": "VCID-erx8-1tfq-kyce" }, { "vulnerability": "VCID-gshc-3brh-c3dr" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-qdc5-1z7p-zqar" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-re3h-pcpx-puhe" }, { "vulnerability": "VCID-rff5-96dg-qqgp" }, { "vulnerability": "VCID-ssxw-2rbk-cyfe" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-w67x-2qg8-v7gv" }, { "vulnerability": "VCID-w7g1-ub97-gqdd" }, { "vulnerability": "VCID-zpz5-xyxk-4fby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1" } ], "aliases": [ "CVE-2017-5391" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qjs9-h3tt-qucf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62895?format=api", "vulnerability_id": "VCID-r34s-64j2-dfff", "summary": "Feed preview for RSS feeds can be used to capture errors and exceptions generated by privileged content, allowing for the exposure of internal information not meant to be seen by web content.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5382", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00957", "scoring_system": "epss", "scoring_elements": "0.76477", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00957", "scoring_system": "epss", "scoring_elements": "0.76388", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00957", "scoring_system": "epss", "scoring_elements": "0.76451", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00957", "scoring_system": "epss", "scoring_elements": "0.76446", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00957", "scoring_system": "epss", "scoring_elements": "0.76486", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00957", "scoring_system": "epss", "scoring_elements": "0.7649", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00957", "scoring_system": "epss", "scoring_elements": "0.76392", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00957", "scoring_system": "epss", "scoring_elements": "0.7642", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00957", "scoring_system": "epss", "scoring_elements": "0.76402", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00957", "scoring_system": "epss", "scoring_elements": "0.76434", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00957", "scoring_system": "epss", "scoring_elements": "0.76448", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00957", "scoring_system": "epss", "scoring_elements": "0.76473", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5382" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1295322", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1295322" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "http://www.securityfocus.com/bid/95763", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95763" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5382", "reference_id": "CVE-2017-5382", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5382" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371574?format=api", "purl": "pkg:alpm/archlinux/firefox@51.0.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22xt-tnu1-gyhu" }, { "vulnerability": "VCID-3dy5-4e6w-3kgt" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-6b9m-3w58-qydd" }, { "vulnerability": "VCID-6m1t-sn26-fbaf" }, { "vulnerability": "VCID-6wce-w5a8-2qet" }, { "vulnerability": "VCID-6wy1-juan-8ua8" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecmf-7x8a-jugv" }, { "vulnerability": "VCID-erx8-1tfq-kyce" }, { "vulnerability": "VCID-gshc-3brh-c3dr" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-qdc5-1z7p-zqar" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-re3h-pcpx-puhe" }, { "vulnerability": "VCID-rff5-96dg-qqgp" }, { "vulnerability": "VCID-ssxw-2rbk-cyfe" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-w67x-2qg8-v7gv" }, { "vulnerability": "VCID-w7g1-ub97-gqdd" }, { "vulnerability": "VCID-zpz5-xyxk-4fby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1" } ], "aliases": [ "CVE-2017-5382" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r34s-64j2-dfff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62897?format=api", "vulnerability_id": "VCID-r7te-y4n3-1uhj", "summary": "Data sent with in multipart channels, such as the multipart/x-mixed-replace MIME type, will ignore the referrer-policy response header, leading to potential information disclosure for sites using this header.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5385", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00947", "scoring_system": "epss", "scoring_elements": "0.76358", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00947", "scoring_system": "epss", "scoring_elements": "0.76269", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00947", "scoring_system": "epss", "scoring_elements": "0.76334", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00947", "scoring_system": "epss", "scoring_elements": "0.7633", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00947", "scoring_system": "epss", "scoring_elements": "0.7637", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00947", "scoring_system": "epss", "scoring_elements": "0.76375", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00947", "scoring_system": "epss", "scoring_elements": "0.76273", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00947", "scoring_system": "epss", "scoring_elements": "0.76303", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00947", "scoring_system": "epss", "scoring_elements": "0.76283", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00947", "scoring_system": "epss", "scoring_elements": "0.76316", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00947", "scoring_system": "epss", "scoring_elements": "0.76329", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00947", "scoring_system": "epss", "scoring_elements": "0.76356", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5385" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1295945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1295945" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "http://www.securityfocus.com/bid/95763", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95763" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5385", "reference_id": "CVE-2017-5385", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5385" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371574?format=api", "purl": "pkg:alpm/archlinux/firefox@51.0.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22xt-tnu1-gyhu" }, { "vulnerability": "VCID-3dy5-4e6w-3kgt" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-6b9m-3w58-qydd" }, { "vulnerability": "VCID-6m1t-sn26-fbaf" }, { "vulnerability": "VCID-6wce-w5a8-2qet" }, { "vulnerability": "VCID-6wy1-juan-8ua8" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecmf-7x8a-jugv" }, { "vulnerability": "VCID-erx8-1tfq-kyce" }, { "vulnerability": "VCID-gshc-3brh-c3dr" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-qdc5-1z7p-zqar" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-re3h-pcpx-puhe" }, { "vulnerability": "VCID-rff5-96dg-qqgp" }, { "vulnerability": "VCID-ssxw-2rbk-cyfe" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-w67x-2qg8-v7gv" }, { "vulnerability": "VCID-w7g1-ub97-gqdd" }, { "vulnerability": "VCID-zpz5-xyxk-4fby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1" } ], "aliases": [ "CVE-2017-5385" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r7te-y4n3-1uhj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41547?format=api", "vulnerability_id": "VCID-tjjd-y1pq-ckf4", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5390.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5390.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01748", "scoring_system": "epss", "scoring_elements": "0.82585", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01748", "scoring_system": "epss", "scoring_elements": "0.82505", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01748", "scoring_system": "epss", "scoring_elements": "0.82501", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01748", "scoring_system": "epss", "scoring_elements": "0.82528", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01748", "scoring_system": "epss", "scoring_elements": "0.82536", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01748", "scoring_system": "epss", "scoring_elements": "0.82554", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01748", "scoring_system": "epss", "scoring_elements": "0.82549", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01748", "scoring_system": "epss", "scoring_elements": "0.82545", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01748", "scoring_system": "epss", "scoring_elements": "0.82581", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01748", "scoring_system": "epss", "scoring_elements": "0.82473", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01748", "scoring_system": "epss", "scoring_elements": "0.82487", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5390" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1297361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1297361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3771" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-02/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-02/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-03/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-03/" }, { "reference_url": "http://www.securityfocus.com/bid/95769", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95769" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416279", "reference_id": "1416279", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416279" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/ASA-201701-40", "reference_id": "ASA-201701-40", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-40" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://security.archlinux.org/AVG-158", "reference_id": "AVG-158", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-158" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5390", "reference_id": "CVE-2017-5390", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5390" }, { "reference_url": "https://security.gentoo.org/glsa/201702-13", "reference_id": "GLSA-201702-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-13" }, { "reference_url": "https://security.gentoo.org/glsa/201702-22", "reference_id": "GLSA-201702-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-22" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02", "reference_id": "mfsa2017-02", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03", "reference_id": "mfsa2017-03", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0190", "reference_id": "RHSA-2017:0190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0238", "reference_id": "RHSA-2017:0238", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0238" }, { "reference_url": "https://usn.ubuntu.com/3165-1/", "reference_id": "USN-3165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3165-1/" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371574?format=api", "purl": "pkg:alpm/archlinux/firefox@51.0.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22xt-tnu1-gyhu" }, { "vulnerability": "VCID-3dy5-4e6w-3kgt" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-6b9m-3w58-qydd" }, { "vulnerability": "VCID-6m1t-sn26-fbaf" }, { "vulnerability": "VCID-6wce-w5a8-2qet" }, { "vulnerability": "VCID-6wy1-juan-8ua8" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecmf-7x8a-jugv" }, { "vulnerability": "VCID-erx8-1tfq-kyce" }, { "vulnerability": "VCID-gshc-3brh-c3dr" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-qdc5-1z7p-zqar" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-re3h-pcpx-puhe" }, { "vulnerability": "VCID-rff5-96dg-qqgp" }, { "vulnerability": "VCID-ssxw-2rbk-cyfe" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-w67x-2qg8-v7gv" }, { "vulnerability": "VCID-w7g1-ub97-gqdd" }, { "vulnerability": "VCID-zpz5-xyxk-4fby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1" } ], "aliases": [ "CVE-2017-5390" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tjjd-y1pq-ckf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62905?format=api", "vulnerability_id": "VCID-u1nc-fgsw-mkhc", "summary": "Mozilla developers and community members Gary Kwong, Olli Pettay, Tooru Fujisawa, Carsten Book, Andrew McCreight, Chris Pearce, Ronald Crane, Jan de Mooij, Julian Seward, Nicolas Pierron, Randell Jesup, Esther Monchari, Honza Bambas, and Philipp reported memory safety bugs present in Firefox 50.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5374", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.83024", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.82917", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.82991", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.82985", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.82981", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.8302", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.82934", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.82946", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.82943", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.82968", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01847", "scoring_system": "epss", "scoring_elements": "0.82975", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5374" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1325344%2C1317501%2C1311319%2C1329989%2C1300145%2C1322305%2C1288561%2C1295747%2C1318766%2C1297808%2C1321374%2C1324810%2C1313385%2C1319888%2C1302231%2C1307458%2C1293327%2C1315447%2C1319456", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1325344%2C1317501%2C1311319%2C1329989%2C1300145%2C1322305%2C1288561%2C1295747%2C1318766%2C1297808%2C1321374%2C1324810%2C1313385%2C1319888%2C1302231%2C1307458%2C1293327%2C1315447%2C1319456" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "http://www.securityfocus.com/bid/95759", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95759" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5374", "reference_id": "CVE-2017-5374", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5374" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371574?format=api", "purl": "pkg:alpm/archlinux/firefox@51.0.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22xt-tnu1-gyhu" }, { "vulnerability": "VCID-3dy5-4e6w-3kgt" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-6b9m-3w58-qydd" }, { "vulnerability": "VCID-6m1t-sn26-fbaf" }, { "vulnerability": "VCID-6wce-w5a8-2qet" }, { "vulnerability": "VCID-6wy1-juan-8ua8" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecmf-7x8a-jugv" }, { "vulnerability": "VCID-erx8-1tfq-kyce" }, { "vulnerability": "VCID-gshc-3brh-c3dr" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-qdc5-1z7p-zqar" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-re3h-pcpx-puhe" }, { "vulnerability": "VCID-rff5-96dg-qqgp" }, { "vulnerability": "VCID-ssxw-2rbk-cyfe" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-w67x-2qg8-v7gv" }, { "vulnerability": "VCID-w7g1-ub97-gqdd" }, { "vulnerability": "VCID-zpz5-xyxk-4fby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1" } ], "aliases": [ "CVE-2017-5374" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u1nc-fgsw-mkhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62893?format=api", "vulnerability_id": "VCID-vnuz-wp96-pqgt", "summary": "WebExtensions could use the mozAddonManager API by modifying the CSP headers on sites with the appropriate permissions and then using host requests to redirect script loads to a malicious site. This allows a malicious extension to then install additional extensions without explicit user permission.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5389", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59095", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.58975", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59112", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59075", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59111", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59116", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.5905", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59072", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59037", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59088", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00374", "scoring_system": "epss", "scoring_elements": "0.59094", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5389" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1308688", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1308688" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "http://www.securityfocus.com/bid/95763", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95763" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5389", "reference_id": "CVE-2017-5389", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" }, { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5389" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371574?format=api", "purl": "pkg:alpm/archlinux/firefox@51.0.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22xt-tnu1-gyhu" }, { "vulnerability": "VCID-3dy5-4e6w-3kgt" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-6b9m-3w58-qydd" }, { "vulnerability": "VCID-6m1t-sn26-fbaf" }, { "vulnerability": "VCID-6wce-w5a8-2qet" }, { "vulnerability": "VCID-6wy1-juan-8ua8" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecmf-7x8a-jugv" }, { "vulnerability": "VCID-erx8-1tfq-kyce" }, { "vulnerability": "VCID-gshc-3brh-c3dr" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-qdc5-1z7p-zqar" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-re3h-pcpx-puhe" }, { "vulnerability": "VCID-rff5-96dg-qqgp" }, { "vulnerability": "VCID-ssxw-2rbk-cyfe" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-w67x-2qg8-v7gv" }, { "vulnerability": "VCID-w7g1-ub97-gqdd" }, { "vulnerability": "VCID-zpz5-xyxk-4fby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1" } ], "aliases": [ "CVE-2017-5389" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vnuz-wp96-pqgt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62555?format=api", "vulnerability_id": "VCID-vtwg-jhr9-nydc", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5386.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5386.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5386", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01186", "scoring_system": "epss", "scoring_elements": "0.78814", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01186", "scoring_system": "epss", "scoring_elements": "0.78787", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01186", "scoring_system": "epss", "scoring_elements": "0.78795", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01186", "scoring_system": "epss", "scoring_elements": "0.78818", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01186", "scoring_system": "epss", "scoring_elements": "0.78801", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01186", "scoring_system": "epss", "scoring_elements": "0.78792", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01186", "scoring_system": "epss", "scoring_elements": "0.7882", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01186", "scoring_system": "epss", "scoring_elements": "0.78741", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01186", "scoring_system": "epss", "scoring_elements": "0.78748", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01186", "scoring_system": "epss", "scoring_elements": "0.7878", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01186", "scoring_system": "epss", "scoring_elements": "0.78762", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5386" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1319070", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1319070" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3771" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-02/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-02/" }, { "reference_url": "http://www.securityfocus.com/bid/95769", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95769" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416282", "reference_id": "1416282", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416282" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5386", "reference_id": "CVE-2017-5386", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5386" }, { "reference_url": "https://security.gentoo.org/glsa/201702-22", "reference_id": "GLSA-201702-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-22" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02", "reference_id": "mfsa2017-02", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0190", "reference_id": "RHSA-2017:0190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0190" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/371574?format=api", "purl": "pkg:alpm/archlinux/firefox@51.0.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22xt-tnu1-gyhu" }, { "vulnerability": "VCID-3dy5-4e6w-3kgt" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-6b9m-3w58-qydd" }, { "vulnerability": "VCID-6m1t-sn26-fbaf" }, { "vulnerability": "VCID-6wce-w5a8-2qet" }, { "vulnerability": "VCID-6wy1-juan-8ua8" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecmf-7x8a-jugv" }, { "vulnerability": "VCID-erx8-1tfq-kyce" }, { "vulnerability": "VCID-gshc-3brh-c3dr" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-qdc5-1z7p-zqar" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-re3h-pcpx-puhe" }, { "vulnerability": "VCID-rff5-96dg-qqgp" }, { "vulnerability": "VCID-ssxw-2rbk-cyfe" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-w67x-2qg8-v7gv" }, { "vulnerability": "VCID-w7g1-ub97-gqdd" }, { "vulnerability": "VCID-zpz5-xyxk-4fby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1" } ], "aliases": [ "CVE-2017-5386" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vtwg-jhr9-nydc" } ], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1" }