Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:alpm/archlinux/firefox@52.0-1

Type alpm

Namespace archlinux

Name firefox

Version 52.0-1

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 52.0.1-1

Latest_non_vulnerable_version 101.0-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-22xt-tnu1-gyhu

vulnerability_id VCID-22xt-tnu1-gyhu

summary An attack can use a blob URL and script to spoof an arbitrary addressbar URL prefaced by blob: as the protocol, leading to user confusion and further spoofing attacks.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5415

reference_id

reference_type

scores

value	0.29152
scoring_system	epss
scoring_elements	0.966
published_at	2026-04-21T12:55:00Z

value	0.29152
scoring_system	epss
scoring_elements	0.96551
published_at	2026-04-01T12:55:00Z

value	0.29152
scoring_system	epss
scoring_elements	0.96579
published_at	2026-04-09T12:55:00Z

value	0.29152
scoring_system	epss
scoring_elements	0.96582
published_at	2026-04-12T12:55:00Z

value	0.29152
scoring_system	epss
scoring_elements	0.96585
published_at	2026-04-13T12:55:00Z

value	0.29152
scoring_system	epss
scoring_elements	0.96591
published_at	2026-04-16T12:55:00Z

value	0.29152
scoring_system	epss
scoring_elements	0.96597
published_at	2026-04-18T12:55:00Z

value	0.29152
scoring_system	epss
scoring_elements	0.96561
published_at	2026-04-02T12:55:00Z

value	0.29152
scoring_system	epss
scoring_elements	0.96566
published_at	2026-04-04T12:55:00Z

value	0.29152
scoring_system	epss
scoring_elements	0.96569
published_at	2026-04-07T12:55:00Z

value	0.29152
scoring_system	epss
scoring_elements	0.96577
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5415

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1321719
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1321719

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-05/

reference_url	http://www.securityfocus.com/bid/96692
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96692

reference_url	http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037966

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://github.com/649/CVE-2017-5415/tree/209b7ae6882a18ae51b1222a68c040a3bc9a8bc5
reference_id	CVE-2017-5415
reference_type	exploit
scores
url	https://github.com/649/CVE-2017-5415/tree/209b7ae6882a18ae51b1222a68c040a3bc9a8bc5

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/44266.html
reference_id	CVE-2017-5415
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/44266.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5415

reference_id

CVE-2017-5415

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5415

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url	https://usn.ubuntu.com/3216-1/
reference_id	USN-3216-1
reference_type
scores
url	https://usn.ubuntu.com/3216-1/

fixed_packages

url	pkg:alpm/archlinux/firefox@52.0-1
purl	pkg:alpm/archlinux/firefox@52.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

aliases CVE-2017-5415

risk_score 10.0

exploitability 2.0

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-22xt-tnu1-gyhu

url VCID-3dy5-4e6w-3kgt

vulnerability_id VCID-3dy5-4e6w-3kgt

summary A non-existent chrome.manifest file will attempt to be loaded during startup from the primary installation directory. If a malicious user with local access puts chrome.manifest and other referenced files in this directory, they will be loaded and activated during startup. This could result in malicious software being added without consent or modification of referenced installed files.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5427

reference_id

reference_type

scores

value	0.00098
scoring_system	epss
scoring_elements	0.26879
published_at	2026-04-21T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27048
published_at	2026-04-01T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27029
published_at	2026-04-09T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27032
published_at	2026-04-11T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26988
published_at	2026-04-12T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26931
published_at	2026-04-13T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26941
published_at	2026-04-16T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27088
published_at	2026-04-02T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27124
published_at	2026-04-04T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26915
published_at	2026-04-18T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26983
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5427

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1295542
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1295542

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:S/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-05/

reference_url	http://www.securityfocus.com/bid/96692
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96692

reference_url	http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037966

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5427

reference_id

CVE-2017-5427

reference_type

scores

value	1.9
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:N/C:N/I:P/A:N

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5427

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url	https://usn.ubuntu.com/3216-1/
reference_id	USN-3216-1
reference_type
scores
url	https://usn.ubuntu.com/3216-1/

fixed_packages

url	pkg:alpm/archlinux/firefox@52.0-1
purl	pkg:alpm/archlinux/firefox@52.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

aliases CVE-2017-5427

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3dy5-4e6w-3kgt

url VCID-3ehk-593t-abcp

vulnerability_id VCID-3ehk-593t-abcp

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0459.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0459.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0461.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0461.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0498.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0498.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5408.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5408.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5408

reference_id

reference_type

scores

value	0.01068
scoring_system	epss
scoring_elements	0.77747
published_at	2026-04-21T12:55:00Z

value	0.01068
scoring_system	epss
scoring_elements	0.77692
published_at	2026-04-04T12:55:00Z

value	0.01068
scoring_system	epss
scoring_elements	0.77675
published_at	2026-04-07T12:55:00Z

value	0.01068
scoring_system	epss
scoring_elements	0.77703
published_at	2026-04-08T12:55:00Z

value	0.01068
scoring_system	epss
scoring_elements	0.77708
published_at	2026-04-09T12:55:00Z

value	0.01068
scoring_system	epss
scoring_elements	0.77734
published_at	2026-04-11T12:55:00Z

value	0.01068
scoring_system	epss
scoring_elements	0.77718
published_at	2026-04-12T12:55:00Z

value	0.01068
scoring_system	epss
scoring_elements	0.77717
published_at	2026-04-13T12:55:00Z

value	0.01068
scoring_system	epss
scoring_elements	0.77754
published_at	2026-04-16T12:55:00Z

value	0.01068
scoring_system	epss
scoring_elements	0.77753
published_at	2026-04-18T12:55:00Z

value	0.01068
scoring_system	epss
scoring_elements	0.77658
published_at	2026-04-01T12:55:00Z

value	0.01068
scoring_system	epss
scoring_elements	0.77665
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5408

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1313711
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1313711

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.debian.org/security/2017/dsa-3805
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3805

reference_url	https://www.debian.org/security/2017/dsa-3832
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3832

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-05/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-06/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-06/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-07/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-07/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-09/

reference_url	http://www.securityfocus.com/bid/96693
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96693

reference_url	http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037966

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1429784
reference_id	1429784
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1429784

reference_url	https://security.archlinux.org/ASA-201703-2
reference_id	ASA-201703-2
reference_type
scores
url	https://security.archlinux.org/ASA-201703-2

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-193

reference_id

AVG-193

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-193

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5408

reference_id

CVE-2017-5408

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5408

reference_url	https://security.gentoo.org/glsa/201705-06
reference_id	GLSA-201705-06
reference_type
scores
url	https://security.gentoo.org/glsa/201705-06

reference_url	https://security.gentoo.org/glsa/201705-07
reference_id	GLSA-201705-07
reference_type
scores
url	https://security.gentoo.org/glsa/201705-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_id

mfsa2017-06

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_id

mfsa2017-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_url	https://access.redhat.com/errata/RHSA-2017:0459
reference_id	RHSA-2017:0459
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0459

reference_url	https://access.redhat.com/errata/RHSA-2017:0461
reference_id	RHSA-2017:0461
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0461

reference_url	https://access.redhat.com/errata/RHSA-2017:0498
reference_id	RHSA-2017:0498
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0498

reference_url	https://usn.ubuntu.com/3216-1/
reference_id	USN-3216-1
reference_type
scores
url	https://usn.ubuntu.com/3216-1/

reference_url	https://usn.ubuntu.com/3233-1/
reference_id	USN-3233-1
reference_type
scores
url	https://usn.ubuntu.com/3233-1/

fixed_packages

url	pkg:alpm/archlinux/firefox@52.0-1
purl	pkg:alpm/archlinux/firefox@52.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

aliases CVE-2017-5408

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3ehk-593t-abcp

url VCID-3nup-1513-ybaq

vulnerability_id VCID-3nup-1513-ybaq

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0459.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0459.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0461.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0461.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0498.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0498.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5400.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5400.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5400

reference_id

reference_type

scores

value	0.00999
scoring_system	epss
scoring_elements	0.77008
published_at	2026-04-21T12:55:00Z

value	0.00999
scoring_system	epss
scoring_elements	0.76945
published_at	2026-04-04T12:55:00Z

value	0.00999
scoring_system	epss
scoring_elements	0.76928
published_at	2026-04-07T12:55:00Z

value	0.00999
scoring_system	epss
scoring_elements	0.7696
published_at	2026-04-08T12:55:00Z

value	0.00999
scoring_system	epss
scoring_elements	0.76971
published_at	2026-04-09T12:55:00Z

value	0.00999
scoring_system	epss
scoring_elements	0.76999
published_at	2026-04-11T12:55:00Z

value	0.00999
scoring_system	epss
scoring_elements	0.76978
published_at	2026-04-12T12:55:00Z

value	0.00999
scoring_system	epss
scoring_elements	0.76973
published_at	2026-04-13T12:55:00Z

value	0.00999
scoring_system	epss
scoring_elements	0.77013
published_at	2026-04-16T12:55:00Z

value	0.00999
scoring_system	epss
scoring_elements	0.77015
published_at	2026-04-18T12:55:00Z

value	0.00999
scoring_system	epss
scoring_elements	0.76909
published_at	2026-04-01T12:55:00Z

value	0.00999
scoring_system	epss
scoring_elements	0.76915
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5400

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1334933
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1334933

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.debian.org/security/2017/dsa-3805
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3805

reference_url	https://www.debian.org/security/2017/dsa-3832
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3832

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-05/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-06/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-06/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-07/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-07/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-09/

reference_url	http://www.securityfocus.com/bid/96654
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96654

reference_url	http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037966

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1429778
reference_id	1429778
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1429778

reference_url	https://security.archlinux.org/ASA-201703-2
reference_id	ASA-201703-2
reference_type
scores
url	https://security.archlinux.org/ASA-201703-2

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-193

reference_id

AVG-193

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-193

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5400

reference_id

CVE-2017-5400

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5400

reference_url	https://security.gentoo.org/glsa/201705-06
reference_id	GLSA-201705-06
reference_type
scores
url	https://security.gentoo.org/glsa/201705-06

reference_url	https://security.gentoo.org/glsa/201705-07
reference_id	GLSA-201705-07
reference_type
scores
url	https://security.gentoo.org/glsa/201705-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_id

mfsa2017-06

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_id

mfsa2017-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_url	https://access.redhat.com/errata/RHSA-2017:0459
reference_id	RHSA-2017:0459
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0459

reference_url	https://access.redhat.com/errata/RHSA-2017:0461
reference_id	RHSA-2017:0461
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0461

reference_url	https://access.redhat.com/errata/RHSA-2017:0498
reference_id	RHSA-2017:0498
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0498

reference_url	https://usn.ubuntu.com/3216-1/
reference_id	USN-3216-1
reference_type
scores
url	https://usn.ubuntu.com/3216-1/

reference_url	https://usn.ubuntu.com/3233-1/
reference_id	USN-3233-1
reference_type
scores
url	https://usn.ubuntu.com/3233-1/

fixed_packages

url	pkg:alpm/archlinux/firefox@52.0-1
purl	pkg:alpm/archlinux/firefox@52.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

aliases CVE-2017-5400

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3nup-1513-ybaq

url VCID-3tww-nhmh-gua6

vulnerability_id VCID-3tww-nhmh-gua6

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0459.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0459.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0461.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0461.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0498.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0498.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5410.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5410.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5410

reference_id

reference_type

scores

value	0.02531
scoring_system	epss
scoring_elements	0.85468
published_at	2026-04-18T12:55:00Z

value	0.02531
scoring_system	epss
scoring_elements	0.85464
published_at	2026-04-21T12:55:00Z

value	0.02531
scoring_system	epss
scoring_elements	0.8544
published_at	2026-04-13T12:55:00Z

value	0.02531
scoring_system	epss
scoring_elements	0.85367
published_at	2026-04-01T12:55:00Z

value	0.02531
scoring_system	epss
scoring_elements	0.85443
published_at	2026-04-12T12:55:00Z

value	0.02531
scoring_system	epss
scoring_elements	0.85445
published_at	2026-04-11T12:55:00Z

value	0.02531
scoring_system	epss
scoring_elements	0.85431
published_at	2026-04-09T12:55:00Z

value	0.02531
scoring_system	epss
scoring_elements	0.85422
published_at	2026-04-08T12:55:00Z

value	0.02531
scoring_system	epss
scoring_elements	0.85401
published_at	2026-04-07T12:55:00Z

value	0.02531
scoring_system	epss
scoring_elements	0.85398
published_at	2026-04-04T12:55:00Z

value	0.02531
scoring_system	epss
scoring_elements	0.85379
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5410

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1330687
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1330687

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.debian.org/security/2017/dsa-3805
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3805

reference_url	https://www.debian.org/security/2017/dsa-3832
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3832

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-05/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-06/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-06/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-07/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-07/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-09/

reference_url	http://www.securityfocus.com/bid/96693
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96693

reference_url	http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037966

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1429783
reference_id	1429783
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1429783

reference_url	https://security.archlinux.org/ASA-201703-2
reference_id	ASA-201703-2
reference_type
scores
url	https://security.archlinux.org/ASA-201703-2

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-193

reference_id

AVG-193

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-193

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5410

reference_id

CVE-2017-5410

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5410

reference_url	https://security.gentoo.org/glsa/201705-06
reference_id	GLSA-201705-06
reference_type
scores
url	https://security.gentoo.org/glsa/201705-06

reference_url	https://security.gentoo.org/glsa/201705-07
reference_id	GLSA-201705-07
reference_type
scores
url	https://security.gentoo.org/glsa/201705-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_id

mfsa2017-06

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_id

mfsa2017-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_url	https://access.redhat.com/errata/RHSA-2017:0459
reference_id	RHSA-2017:0459
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0459

reference_url	https://access.redhat.com/errata/RHSA-2017:0461
reference_id	RHSA-2017:0461
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0461

reference_url	https://access.redhat.com/errata/RHSA-2017:0498
reference_id	RHSA-2017:0498
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0498

reference_url	https://usn.ubuntu.com/3216-1/
reference_id	USN-3216-1
reference_type
scores
url	https://usn.ubuntu.com/3216-1/

reference_url	https://usn.ubuntu.com/3233-1/
reference_id	USN-3233-1
reference_type
scores
url	https://usn.ubuntu.com/3233-1/

fixed_packages

url	pkg:alpm/archlinux/firefox@52.0-1
purl	pkg:alpm/archlinux/firefox@52.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

aliases CVE-2017-5410

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3tww-nhmh-gua6

url VCID-667g-8khd-kkhm

vulnerability_id VCID-667g-8khd-kkhm

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0459.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0459.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0461.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0461.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0498.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0498.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5407.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5407.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5407

reference_id

reference_type

scores

value	0.01045
scoring_system	epss
scoring_elements	0.77509
published_at	2026-04-21T12:55:00Z

value	0.01045
scoring_system	epss
scoring_elements	0.77458
published_at	2026-04-04T12:55:00Z

value	0.01045
scoring_system	epss
scoring_elements	0.77438
published_at	2026-04-07T12:55:00Z

value	0.01045
scoring_system	epss
scoring_elements	0.77468
published_at	2026-04-08T12:55:00Z

value	0.01045
scoring_system	epss
scoring_elements	0.77477
published_at	2026-04-09T12:55:00Z

value	0.01045
scoring_system	epss
scoring_elements	0.77503
published_at	2026-04-11T12:55:00Z

value	0.01045
scoring_system	epss
scoring_elements	0.77484
published_at	2026-04-12T12:55:00Z

value	0.01045
scoring_system	epss
scoring_elements	0.7748
published_at	2026-04-13T12:55:00Z

value	0.01045
scoring_system	epss
scoring_elements	0.77519
published_at	2026-04-16T12:55:00Z

value	0.01045
scoring_system	epss
scoring_elements	0.77516
published_at	2026-04-18T12:55:00Z

value	0.01045
scoring_system	epss
scoring_elements	0.77426
published_at	2026-04-01T12:55:00Z

value	0.01045
scoring_system	epss
scoring_elements	0.77433
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5407

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1336622
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1336622

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.debian.org/security/2017/dsa-3805
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3805

reference_url	https://www.debian.org/security/2017/dsa-3832
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3832

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-05/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-06/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-06/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-07/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-07/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-09/

reference_url	http://www.securityfocus.com/bid/96693
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96693

reference_url	http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037966

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1429782
reference_id	1429782
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1429782

reference_url	https://security.archlinux.org/ASA-201703-2
reference_id	ASA-201703-2
reference_type
scores
url	https://security.archlinux.org/ASA-201703-2

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-193

reference_id

AVG-193

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-193

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5407

reference_id

CVE-2017-5407

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5407

reference_url	https://security.gentoo.org/glsa/201705-06
reference_id	GLSA-201705-06
reference_type
scores
url	https://security.gentoo.org/glsa/201705-06

reference_url	https://security.gentoo.org/glsa/201705-07
reference_id	GLSA-201705-07
reference_type
scores
url	https://security.gentoo.org/glsa/201705-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_id

mfsa2017-06

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_id

mfsa2017-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_url	https://access.redhat.com/errata/RHSA-2017:0459
reference_id	RHSA-2017:0459
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0459

reference_url	https://access.redhat.com/errata/RHSA-2017:0461
reference_id	RHSA-2017:0461
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0461

reference_url	https://access.redhat.com/errata/RHSA-2017:0498
reference_id	RHSA-2017:0498
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0498

reference_url	https://usn.ubuntu.com/3216-1/
reference_id	USN-3216-1
reference_type
scores
url	https://usn.ubuntu.com/3216-1/

reference_url	https://usn.ubuntu.com/3233-1/
reference_id	USN-3233-1
reference_type
scores
url	https://usn.ubuntu.com/3233-1/

fixed_packages

url	pkg:alpm/archlinux/firefox@52.0-1
purl	pkg:alpm/archlinux/firefox@52.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

aliases CVE-2017-5407

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-667g-8khd-kkhm

url VCID-6b9m-3w58-qydd

vulnerability_id VCID-6b9m-3w58-qydd

summary The file picker dialog can choose and display the wrong local default directory when instantiated. On some operating systems, this can lead to information disclosure, such as the operating system or the local account name.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5414

reference_id

reference_type

scores

value	0.0013
scoring_system	epss
scoring_elements	0.32388
published_at	2026-04-21T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.32464
published_at	2026-04-09T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.32468
published_at	2026-04-11T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.3243
published_at	2026-04-12T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.32403
published_at	2026-04-13T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.3244
published_at	2026-04-16T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.32417
published_at	2026-04-18T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.3238
published_at	2026-04-01T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.3253
published_at	2026-04-02T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.32565
published_at	2026-04-04T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.32389
published_at	2026-04-07T12:55:00Z

value	0.0013
scoring_system	epss
scoring_elements	0.32437
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5414

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1319370
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1319370

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-05/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-09/

reference_url	http://www.securityfocus.com/bid/96692
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96692

reference_url	http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037966

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5414

reference_id

CVE-2017-5414

reference_type

scores

value	4.9
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:C/I:N/A:N

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5414

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_url	https://usn.ubuntu.com/3216-1/
reference_id	USN-3216-1
reference_type
scores
url	https://usn.ubuntu.com/3216-1/

fixed_packages

url	pkg:alpm/archlinux/firefox@52.0-1
purl	pkg:alpm/archlinux/firefox@52.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

aliases CVE-2017-5414

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6b9m-3w58-qydd

url VCID-6m1t-sn26-fbaf

vulnerability_id VCID-6m1t-sn26-fbaf

summary When adding a range to an object in the DOM, it is possible to use addRange to add the range to an incorrect root object. This triggers a use-after-free, resulting in a potentially exploitable crash.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5403

reference_id

reference_type

scores

value	0.00516
scoring_system	epss
scoring_elements	0.66706
published_at	2026-04-21T12:55:00Z

value	0.00516
scoring_system	epss
scoring_elements	0.66696
published_at	2026-04-09T12:55:00Z

value	0.00516
scoring_system	epss
scoring_elements	0.66715
published_at	2026-04-11T12:55:00Z

value	0.00516
scoring_system	epss
scoring_elements	0.66703
published_at	2026-04-12T12:55:00Z

value	0.00516
scoring_system	epss
scoring_elements	0.66673
published_at	2026-04-13T12:55:00Z

value	0.00516
scoring_system	epss
scoring_elements	0.66707
published_at	2026-04-16T12:55:00Z

value	0.00516
scoring_system	epss
scoring_elements	0.66721
published_at	2026-04-18T12:55:00Z

value	0.00516
scoring_system	epss
scoring_elements	0.66592
published_at	2026-04-01T12:55:00Z

value	0.00516
scoring_system	epss
scoring_elements	0.66632
published_at	2026-04-07T12:55:00Z

value	0.00516
scoring_system	epss
scoring_elements	0.66659
published_at	2026-04-04T12:55:00Z

value	0.00516
scoring_system	epss
scoring_elements	0.66681
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5403

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1340186
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1340186

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-05/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-09/

reference_url	http://www.securityfocus.com/bid/96691
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96691

reference_url	http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037966

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5403

reference_id

CVE-2017-5403

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5403

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_url	https://usn.ubuntu.com/3216-1/
reference_id	USN-3216-1
reference_type
scores
url	https://usn.ubuntu.com/3216-1/

fixed_packages

url	pkg:alpm/archlinux/firefox@52.0-1
purl	pkg:alpm/archlinux/firefox@52.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

aliases CVE-2017-5403

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6m1t-sn26-fbaf

url VCID-6wce-w5a8-2qet

vulnerability_id VCID-6wce-w5a8-2qet

summary If a malicious site uses the view-source: protocol in a series within a single hyperlink, it can trigger a non-exploitable browser crash when the hyperlink is selected. This was fixed by no longer making view-source: linkable.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5422

reference_id

reference_type

scores

value	0.00736
scoring_system	epss
scoring_elements	0.7285
published_at	2026-04-21T12:55:00Z

value	0.00736
scoring_system	epss
scoring_elements	0.72807
published_at	2026-04-09T12:55:00Z

value	0.00736
scoring_system	epss
scoring_elements	0.72832
published_at	2026-04-11T12:55:00Z

value	0.00736
scoring_system	epss
scoring_elements	0.72815
published_at	2026-04-12T12:55:00Z

value	0.00736
scoring_system	epss
scoring_elements	0.72806
published_at	2026-04-13T12:55:00Z

value	0.00736
scoring_system	epss
scoring_elements	0.72848
published_at	2026-04-16T12:55:00Z

value	0.00736
scoring_system	epss
scoring_elements	0.72858
published_at	2026-04-18T12:55:00Z

value	0.00736
scoring_system	epss
scoring_elements	0.72752
published_at	2026-04-01T12:55:00Z

value	0.00736
scoring_system	epss
scoring_elements	0.72759
published_at	2026-04-02T12:55:00Z

value	0.00736
scoring_system	epss
scoring_elements	0.72779
published_at	2026-04-04T12:55:00Z

value	0.00736
scoring_system	epss
scoring_elements	0.72755
published_at	2026-04-07T12:55:00Z

value	0.00736
scoring_system	epss
scoring_elements	0.72794
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5422

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1295002
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1295002

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-05/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-09/

reference_url	http://www.securityfocus.com/bid/96692
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96692

reference_url	http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037966

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5422

reference_id

CVE-2017-5422

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5422

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_url	https://usn.ubuntu.com/3216-1/
reference_id	USN-3216-1
reference_type
scores
url	https://usn.ubuntu.com/3216-1/

fixed_packages

url	pkg:alpm/archlinux/firefox@52.0-1
purl	pkg:alpm/archlinux/firefox@52.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

aliases CVE-2017-5422

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6wce-w5a8-2qet

url VCID-6wy1-juan-8ua8

vulnerability_id VCID-6wy1-juan-8ua8

summary When dragging content from the primary browser pane to the addressbar on a malicious site, it is possible to change the addressbar so that the displayed location following navigation does not match the URL of the newly loaded page. This allows for spoofing attacks.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5417

reference_id

reference_type

scores

value	0.00369
scoring_system	epss
scoring_elements	0.58789
published_at	2026-04-21T12:55:00Z

value	0.00369
scoring_system	epss
scoring_elements	0.58661
published_at	2026-04-01T12:55:00Z

value	0.00369
scoring_system	epss
scoring_elements	0.58786
published_at	2026-04-08T12:55:00Z

value	0.00369
scoring_system	epss
scoring_elements	0.58793
published_at	2026-04-12T12:55:00Z

value	0.00369
scoring_system	epss
scoring_elements	0.58811
published_at	2026-04-18T12:55:00Z

value	0.00369
scoring_system	epss
scoring_elements	0.58773
published_at	2026-04-13T12:55:00Z

value	0.00369
scoring_system	epss
scoring_elements	0.58806
published_at	2026-04-16T12:55:00Z

value	0.00369
scoring_system	epss
scoring_elements	0.58744
published_at	2026-04-02T12:55:00Z

value	0.00369
scoring_system	epss
scoring_elements	0.58765
published_at	2026-04-04T12:55:00Z

value	0.00369
scoring_system	epss
scoring_elements	0.58733
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5417

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=791597
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=791597

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-05/

reference_url	http://www.securityfocus.com/bid/96692
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96692

reference_url	http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037966

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5417

reference_id

CVE-2017-5417

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5417

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url	https://usn.ubuntu.com/3216-1/
reference_id	USN-3216-1
reference_type
scores
url	https://usn.ubuntu.com/3216-1/

fixed_packages

url	pkg:alpm/archlinux/firefox@52.0-1
purl	pkg:alpm/archlinux/firefox@52.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

aliases CVE-2017-5417

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6wy1-juan-8ua8

url VCID-dxr7-qubc-tyb7

vulnerability_id VCID-dxr7-qubc-tyb7

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0459.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0459.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0461.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0461.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0498.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0498.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5401.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5401.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5401

reference_id

reference_type

scores

value	0.02199
scoring_system	epss
scoring_elements	0.8444
published_at	2026-04-21T12:55:00Z

value	0.02199
scoring_system	epss
scoring_elements	0.84437
published_at	2026-04-18T12:55:00Z

value	0.02199
scoring_system	epss
scoring_elements	0.84414
published_at	2026-04-13T12:55:00Z

value	0.02199
scoring_system	epss
scoring_elements	0.84343
published_at	2026-04-01T12:55:00Z

value	0.02199
scoring_system	epss
scoring_elements	0.84418
published_at	2026-04-12T12:55:00Z

value	0.02199
scoring_system	epss
scoring_elements	0.84425
published_at	2026-04-11T12:55:00Z

value	0.02199
scoring_system	epss
scoring_elements	0.84407
published_at	2026-04-09T12:55:00Z

value	0.02199
scoring_system	epss
scoring_elements	0.84402
published_at	2026-04-08T12:55:00Z

value	0.02199
scoring_system	epss
scoring_elements	0.8438
published_at	2026-04-07T12:55:00Z

value	0.02199
scoring_system	epss
scoring_elements	0.84378
published_at	2026-04-04T12:55:00Z

value	0.02199
scoring_system	epss
scoring_elements	0.84357
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5401

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1328861
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1328861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.debian.org/security/2017/dsa-3805
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3805

reference_url	https://www.debian.org/security/2017/dsa-3832
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3832

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-05/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-06/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-06/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-07/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-07/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-09/

reference_url	http://www.securityfocus.com/bid/96677
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96677

reference_url	http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037966

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1429779
reference_id	1429779
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1429779

reference_url	https://security.archlinux.org/ASA-201703-2
reference_id	ASA-201703-2
reference_type
scores
url	https://security.archlinux.org/ASA-201703-2

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-193

reference_id

AVG-193

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-193

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5401

reference_id

CVE-2017-5401

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5401

reference_url	https://security.gentoo.org/glsa/201705-06
reference_id	GLSA-201705-06
reference_type
scores
url	https://security.gentoo.org/glsa/201705-06

reference_url	https://security.gentoo.org/glsa/201705-07
reference_id	GLSA-201705-07
reference_type
scores
url	https://security.gentoo.org/glsa/201705-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_id

mfsa2017-06

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_id

mfsa2017-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_url	https://access.redhat.com/errata/RHSA-2017:0459
reference_id	RHSA-2017:0459
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0459

reference_url	https://access.redhat.com/errata/RHSA-2017:0461
reference_id	RHSA-2017:0461
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0461

reference_url	https://access.redhat.com/errata/RHSA-2017:0498
reference_id	RHSA-2017:0498
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0498

reference_url	https://usn.ubuntu.com/3216-1/
reference_id	USN-3216-1
reference_type
scores
url	https://usn.ubuntu.com/3216-1/

reference_url	https://usn.ubuntu.com/3233-1/
reference_id	USN-3233-1
reference_type
scores
url	https://usn.ubuntu.com/3233-1/

fixed_packages

url	pkg:alpm/archlinux/firefox@52.0-1
purl	pkg:alpm/archlinux/firefox@52.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

aliases CVE-2017-5401

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dxr7-qubc-tyb7

url VCID-ecmf-7x8a-jugv

vulnerability_id VCID-ecmf-7x8a-jugv

summary A segmentation fault can occur during some bidirectional layout operations.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5413

reference_id

reference_type

scores

value	0.00564
scoring_system	epss
scoring_elements	0.6842
published_at	2026-04-21T12:55:00Z

value	0.00564
scoring_system	epss
scoring_elements	0.68409
published_at	2026-04-09T12:55:00Z

value	0.00564
scoring_system	epss
scoring_elements	0.68436
published_at	2026-04-11T12:55:00Z

value	0.00564
scoring_system	epss
scoring_elements	0.68424
published_at	2026-04-12T12:55:00Z

value	0.00564
scoring_system	epss
scoring_elements	0.68391
published_at	2026-04-13T12:55:00Z

value	0.00564
scoring_system	epss
scoring_elements	0.68428
published_at	2026-04-16T12:55:00Z

value	0.00564
scoring_system	epss
scoring_elements	0.68442
published_at	2026-04-18T12:55:00Z

value	0.00564
scoring_system	epss
scoring_elements	0.68325
published_at	2026-04-01T12:55:00Z

value	0.00564
scoring_system	epss
scoring_elements	0.68345
published_at	2026-04-02T12:55:00Z

value	0.00564
scoring_system	epss
scoring_elements	0.68364
published_at	2026-04-04T12:55:00Z

value	0.00564
scoring_system	epss
scoring_elements	0.68341
published_at	2026-04-07T12:55:00Z

value	0.00564
scoring_system	epss
scoring_elements	0.68392
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5413

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1337504
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1337504

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-05/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-09/

reference_url	http://www.securityfocus.com/bid/96692
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96692

reference_url	http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037966

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5413

reference_id

CVE-2017-5413

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5413

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_url	https://usn.ubuntu.com/3216-1/
reference_id	USN-3216-1
reference_type
scores
url	https://usn.ubuntu.com/3216-1/

fixed_packages

url	pkg:alpm/archlinux/firefox@52.0-1
purl	pkg:alpm/archlinux/firefox@52.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

aliases CVE-2017-5413

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ecmf-7x8a-jugv

url VCID-erx8-1tfq-kyce

vulnerability_id VCID-erx8-1tfq-kyce

summary Mozilla developers and community members Carsten Book, Calixte Denizet, Christian Holler, Andrew McCreight, David Bolter, David Keeler, Jon Coppeard, Tyson Smith, Ronald Crane, Tooru Fujisawa, Ben Kelly, Bob Owen, Jed Davis, Julian Seward, Julian Hector, Philipp, Markus Stange, and André Bargull reported memory safety bugs present in Firefox 51. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5399

reference_id

reference_type

scores

value	0.00731
scoring_system	epss
scoring_elements	0.72724
published_at	2026-04-21T12:55:00Z

value	0.00731
scoring_system	epss
scoring_elements	0.72682
published_at	2026-04-09T12:55:00Z

value	0.00731
scoring_system	epss
scoring_elements	0.72705
published_at	2026-04-11T12:55:00Z

value	0.00731
scoring_system	epss
scoring_elements	0.72688
published_at	2026-04-12T12:55:00Z

value	0.00731
scoring_system	epss
scoring_elements	0.72678
published_at	2026-04-13T12:55:00Z

value	0.00731
scoring_system	epss
scoring_elements	0.7272
published_at	2026-04-16T12:55:00Z

value	0.00731
scoring_system	epss
scoring_elements	0.72731
published_at	2026-04-18T12:55:00Z

value	0.00731
scoring_system	epss
scoring_elements	0.72627
published_at	2026-04-01T12:55:00Z

value	0.00731
scoring_system	epss
scoring_elements	0.72635
published_at	2026-04-02T12:55:00Z

value	0.00731
scoring_system	epss
scoring_elements	0.72652
published_at	2026-04-04T12:55:00Z

value	0.00731
scoring_system	epss
scoring_elements	0.7263
published_at	2026-04-07T12:55:00Z

value	0.00731
scoring_system	epss
scoring_elements	0.72669
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5399

reference_url	https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332569%2C1315248%2C1261335%2C1321038%2C1331771%2C1339566%2C1339591%2C1240893%2C1341905%2C1323241%2C1336467%2C1270288%2C1295299%2C1296024%2C1304201%2C1306142%2C1307557%2C1308036%2C1334246%2C1334290%2C1317085%2C1339116%2C1324000%2C1323150%2C1332501%2C1320894%2C1333752%2C1303713%2C1321566%2C1264053%2C1343513
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332569%2C1315248%2C1261335%2C1321038%2C1331771%2C1339566%2C1339591%2C1240893%2C1341905%2C1323241%2C1336467%2C1270288%2C1295299%2C1296024%2C1304201%2C1306142%2C1307557%2C1308036%2C1334246%2C1334290%2C1317085%2C1339116%2C1324000%2C1323150%2C1332501%2C1320894%2C1333752%2C1303713%2C1321566%2C1264053%2C1343513

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-05/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-09/

reference_url	http://www.securityfocus.com/bid/96692
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96692

reference_url	http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037966

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5399

reference_id

CVE-2017-5399

reference_type

scores

value	10.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5399

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_url	https://usn.ubuntu.com/3216-1/
reference_id	USN-3216-1
reference_type
scores
url	https://usn.ubuntu.com/3216-1/

fixed_packages

url	pkg:alpm/archlinux/firefox@52.0-1
purl	pkg:alpm/archlinux/firefox@52.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

aliases CVE-2017-5399

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-erx8-1tfq-kyce

url VCID-gshc-3brh-c3dr

vulnerability_id VCID-gshc-3brh-c3dr

summary In certain circumstances a networking event listener can be prematurely released. This appears to result in a null dereference in practice.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5416

reference_id

reference_type

scores

value	0.00856
scoring_system	epss
scoring_elements	0.75005
published_at	2026-04-21T12:55:00Z

value	0.00856
scoring_system	epss
scoring_elements	0.7498
published_at	2026-04-09T12:55:00Z

value	0.00856
scoring_system	epss
scoring_elements	0.75002
published_at	2026-04-11T12:55:00Z

value	0.00856
scoring_system	epss
scoring_elements	0.74981
published_at	2026-04-12T12:55:00Z

value	0.00856
scoring_system	epss
scoring_elements	0.74971
published_at	2026-04-13T12:55:00Z

value	0.00856
scoring_system	epss
scoring_elements	0.75008
published_at	2026-04-16T12:55:00Z

value	0.00856
scoring_system	epss
scoring_elements	0.75015
published_at	2026-04-18T12:55:00Z

value	0.00856
scoring_system	epss
scoring_elements	0.74927
published_at	2026-04-01T12:55:00Z

value	0.00856
scoring_system	epss
scoring_elements	0.7493
published_at	2026-04-02T12:55:00Z

value	0.00856
scoring_system	epss
scoring_elements	0.74959
published_at	2026-04-04T12:55:00Z

value	0.00856
scoring_system	epss
scoring_elements	0.74933
published_at	2026-04-07T12:55:00Z

value	0.00856
scoring_system	epss
scoring_elements	0.74967
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5416

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1328121
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1328121

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-05/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-09/

reference_url	http://www.securityfocus.com/bid/96692
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96692

reference_url	http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037966

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5416

reference_id

CVE-2017-5416

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5416

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_url	https://usn.ubuntu.com/3216-1/
reference_id	USN-3216-1
reference_type
scores
url	https://usn.ubuntu.com/3216-1/

fixed_packages

url	pkg:alpm/archlinux/firefox@52.0-1
purl	pkg:alpm/archlinux/firefox@52.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

aliases CVE-2017-5416

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gshc-3brh-c3dr

url VCID-jwze-7mfw-r3ax

vulnerability_id VCID-jwze-7mfw-r3ax

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0459.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0459.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0461.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0461.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0498.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0498.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5404.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5404.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5404

reference_id

reference_type

scores

value	0.21288
scoring_system	epss
scoring_elements	0.95698
published_at	2026-04-21T12:55:00Z

value	0.21288
scoring_system	epss
scoring_elements	0.95696
published_at	2026-04-18T12:55:00Z

value	0.21288
scoring_system	epss
scoring_elements	0.95692
published_at	2026-04-16T12:55:00Z

value	0.21288
scoring_system	epss
scoring_elements	0.95649
published_at	2026-04-01T12:55:00Z

value	0.21288
scoring_system	epss
scoring_elements	0.95684
published_at	2026-04-13T12:55:00Z

value	0.21288
scoring_system	epss
scoring_elements	0.95682
published_at	2026-04-12T12:55:00Z

value	0.21288
scoring_system	epss
scoring_elements	0.95678
published_at	2026-04-09T12:55:00Z

value	0.21288
scoring_system	epss
scoring_elements	0.95674
published_at	2026-04-08T12:55:00Z

value	0.21288
scoring_system	epss
scoring_elements	0.95666
published_at	2026-04-07T12:55:00Z

value	0.21288
scoring_system	epss
scoring_elements	0.95663
published_at	2026-04-04T12:55:00Z

value	0.21288
scoring_system	epss
scoring_elements	0.95658
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5404

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1340138
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1340138

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.debian.org/security/2017/dsa-3805
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3805

reference_url	https://www.debian.org/security/2017/dsa-3832
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3832

reference_url	https://www.exploit-db.com/exploits/41660/
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/41660/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-05/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-06/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-06/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-07/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-07/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-09/

reference_url	http://www.securityfocus.com/bid/96664
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96664

reference_url	http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037966

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1429781
reference_id	1429781
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1429781

reference_url	https://security.archlinux.org/ASA-201703-2
reference_id	ASA-201703-2
reference_type
scores
url	https://security.archlinux.org/ASA-201703-2

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-193

reference_id

AVG-193

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-193

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5404

reference_id

CVE-2017-5404

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5404

reference_url	https://bugs.chromium.org/p/project-zero/issues/detail?id=1130
reference_id	CVE-2017-5404;MFSA2017-05
reference_type	exploit
scores
url	https://bugs.chromium.org/p/project-zero/issues/detail?id=1130

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/41660.html
reference_id	CVE-2017-5404;MFSA2017-05
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/41660.html

reference_url	https://security.gentoo.org/glsa/201705-06
reference_id	GLSA-201705-06
reference_type
scores
url	https://security.gentoo.org/glsa/201705-06

reference_url	https://security.gentoo.org/glsa/201705-07
reference_id	GLSA-201705-07
reference_type
scores
url	https://security.gentoo.org/glsa/201705-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_id

mfsa2017-06

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_id

mfsa2017-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_url	https://access.redhat.com/errata/RHSA-2017:0459
reference_id	RHSA-2017:0459
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0459

reference_url	https://access.redhat.com/errata/RHSA-2017:0461
reference_id	RHSA-2017:0461
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0461

reference_url	https://access.redhat.com/errata/RHSA-2017:0498
reference_id	RHSA-2017:0498
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0498

reference_url	https://usn.ubuntu.com/3216-1/
reference_id	USN-3216-1
reference_type
scores
url	https://usn.ubuntu.com/3216-1/

reference_url	https://usn.ubuntu.com/3233-1/
reference_id	USN-3233-1
reference_type
scores
url	https://usn.ubuntu.com/3233-1/

fixed_packages

url	pkg:alpm/archlinux/firefox@52.0-1
purl	pkg:alpm/archlinux/firefox@52.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

aliases CVE-2017-5404

risk_score 10.0

exploitability 2.0

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jwze-7mfw-r3ax

url VCID-npyt-d8qr-wqdj

vulnerability_id VCID-npyt-d8qr-wqdj

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0459.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0459.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0461.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0461.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0498.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0498.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5402.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5402.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5402

reference_id

reference_type

scores

value	0.02498
scoring_system	epss
scoring_elements	0.85349
published_at	2026-04-21T12:55:00Z

value	0.02498
scoring_system	epss
scoring_elements	0.85289
published_at	2026-04-04T12:55:00Z

value	0.02498
scoring_system	epss
scoring_elements	0.85292
published_at	2026-04-07T12:55:00Z

value	0.02498
scoring_system	epss
scoring_elements	0.85313
published_at	2026-04-08T12:55:00Z

value	0.02498
scoring_system	epss
scoring_elements	0.85322
published_at	2026-04-09T12:55:00Z

value	0.02498
scoring_system	epss
scoring_elements	0.85336
published_at	2026-04-11T12:55:00Z

value	0.02498
scoring_system	epss
scoring_elements	0.85333
published_at	2026-04-12T12:55:00Z

value	0.02498
scoring_system	epss
scoring_elements	0.8533
published_at	2026-04-13T12:55:00Z

value	0.02498
scoring_system	epss
scoring_elements	0.8535
published_at	2026-04-16T12:55:00Z

value	0.02498
scoring_system	epss
scoring_elements	0.85352
published_at	2026-04-18T12:55:00Z

value	0.02498
scoring_system	epss
scoring_elements	0.85258
published_at	2026-04-01T12:55:00Z

value	0.02498
scoring_system	epss
scoring_elements	0.8527
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5402

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1334876
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1334876

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.debian.org/security/2017/dsa-3805
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3805

reference_url	https://www.debian.org/security/2017/dsa-3832
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3832

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-05/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-06/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-06/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-07/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-07/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-09/

reference_url	http://www.securityfocus.com/bid/96664
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96664

reference_url	http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037966

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1429780
reference_id	1429780
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1429780

reference_url	https://security.archlinux.org/ASA-201703-2
reference_id	ASA-201703-2
reference_type
scores
url	https://security.archlinux.org/ASA-201703-2

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-193

reference_id

AVG-193

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-193

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5402

reference_id

CVE-2017-5402

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5402

reference_url	https://security.gentoo.org/glsa/201705-06
reference_id	GLSA-201705-06
reference_type
scores
url	https://security.gentoo.org/glsa/201705-06

reference_url	https://security.gentoo.org/glsa/201705-07
reference_id	GLSA-201705-07
reference_type
scores
url	https://security.gentoo.org/glsa/201705-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_id

mfsa2017-06

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_id

mfsa2017-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_url	https://access.redhat.com/errata/RHSA-2017:0459
reference_id	RHSA-2017:0459
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0459

reference_url	https://access.redhat.com/errata/RHSA-2017:0461
reference_id	RHSA-2017:0461
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0461

reference_url	https://access.redhat.com/errata/RHSA-2017:0498
reference_id	RHSA-2017:0498
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0498

reference_url	https://usn.ubuntu.com/3216-1/
reference_id	USN-3216-1
reference_type
scores
url	https://usn.ubuntu.com/3216-1/

reference_url	https://usn.ubuntu.com/3233-1/
reference_id	USN-3233-1
reference_type
scores
url	https://usn.ubuntu.com/3233-1/

fixed_packages

url	pkg:alpm/archlinux/firefox@52.0-1
purl	pkg:alpm/archlinux/firefox@52.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

aliases CVE-2017-5402

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-npyt-d8qr-wqdj

url VCID-qdc5-1z7p-zqar

vulnerability_id VCID-qdc5-1z7p-zqar

summary A javascript: url loaded by a malicious page can obfuscate its location by blanking the URL displayed in the addressbar, allowing for an attacker to spoof an existing page without the malicious page's address being displayed correctly.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5420

reference_id

reference_type

scores

value	0.00398
scoring_system	epss
scoring_elements	0.60651
published_at	2026-04-21T12:55:00Z

value	0.00398
scoring_system	epss
scoring_elements	0.60492
published_at	2026-04-01T12:55:00Z

value	0.00398
scoring_system	epss
scoring_elements	0.60652
published_at	2026-04-11T12:55:00Z

value	0.00398
scoring_system	epss
scoring_elements	0.60637
published_at	2026-04-12T12:55:00Z

value	0.00398
scoring_system	epss
scoring_elements	0.60616
published_at	2026-04-13T12:55:00Z

value	0.00398
scoring_system	epss
scoring_elements	0.60658
published_at	2026-04-16T12:55:00Z

value	0.00398
scoring_system	epss
scoring_elements	0.60664
published_at	2026-04-18T12:55:00Z

value	0.00398
scoring_system	epss
scoring_elements	0.60566
published_at	2026-04-02T12:55:00Z

value	0.00398
scoring_system	epss
scoring_elements	0.60594
published_at	2026-04-04T12:55:00Z

value	0.00398
scoring_system	epss
scoring_elements	0.60563
published_at	2026-04-07T12:55:00Z

value	0.00398
scoring_system	epss
scoring_elements	0.60612
published_at	2026-04-08T12:55:00Z

value	0.00398
scoring_system	epss
scoring_elements	0.60628
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5420

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1284395
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1284395

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-05/

reference_url	http://www.securityfocus.com/bid/96692
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96692

reference_url	http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037966

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5420

reference_id

CVE-2017-5420

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5420

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url	https://usn.ubuntu.com/3216-1/
reference_id	USN-3216-1
reference_type
scores
url	https://usn.ubuntu.com/3216-1/

fixed_packages

url	pkg:alpm/archlinux/firefox@52.0-1
purl	pkg:alpm/archlinux/firefox@52.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

aliases CVE-2017-5420

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qdc5-1z7p-zqar

url VCID-r8en-yg26-w3a1

vulnerability_id VCID-r8en-yg26-w3a1

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0459.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0459.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0461.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0461.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0498.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0498.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5398.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5398.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5398

reference_id

reference_type

scores

value	0.03265
scoring_system	epss
scoring_elements	0.87168
published_at	2026-04-18T12:55:00Z

value	0.03265
scoring_system	epss
scoring_elements	0.87163
published_at	2026-04-21T12:55:00Z

value	0.03265
scoring_system	epss
scoring_elements	0.87147
published_at	2026-04-13T12:55:00Z

value	0.03265
scoring_system	epss
scoring_elements	0.87095
published_at	2026-04-01T12:55:00Z

value	0.03265
scoring_system	epss
scoring_elements	0.87151
published_at	2026-04-12T12:55:00Z

value	0.03265
scoring_system	epss
scoring_elements	0.87157
published_at	2026-04-11T12:55:00Z

value	0.03265
scoring_system	epss
scoring_elements	0.87144
published_at	2026-04-09T12:55:00Z

value	0.03265
scoring_system	epss
scoring_elements	0.87136
published_at	2026-04-08T12:55:00Z

value	0.03265
scoring_system	epss
scoring_elements	0.87116
published_at	2026-04-07T12:55:00Z

value	0.03265
scoring_system	epss
scoring_elements	0.87123
published_at	2026-04-04T12:55:00Z

value	0.03265
scoring_system	epss
scoring_elements	0.87106
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5398

reference_url	https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332550%2C1332597%2C1338383%2C1321612%2C1322971%2C1333568%2C1333887%2C1335450%2C1325052%2C1324379%2C1336510
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332550%2C1332597%2C1338383%2C1321612%2C1322971%2C1333568%2C1333887%2C1335450%2C1325052%2C1324379%2C1336510

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.debian.org/security/2017/dsa-3805
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3805

reference_url	https://www.debian.org/security/2017/dsa-3832
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3832

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-05/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-06/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-06/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-07/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-07/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-09/

reference_url	http://www.securityfocus.com/bid/96651
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96651

reference_url	http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037966

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1429786
reference_id	1429786
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1429786

reference_url	https://security.archlinux.org/ASA-201703-2
reference_id	ASA-201703-2
reference_type
scores
url	https://security.archlinux.org/ASA-201703-2

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-193

reference_id

AVG-193

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-193

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird_esr::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5398

reference_id

CVE-2017-5398

reference_type

scores

value	10.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5398

reference_url	https://security.gentoo.org/glsa/201705-06
reference_id	GLSA-201705-06
reference_type
scores
url	https://security.gentoo.org/glsa/201705-06

reference_url	https://security.gentoo.org/glsa/201705-07
reference_id	GLSA-201705-07
reference_type
scores
url	https://security.gentoo.org/glsa/201705-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_id

mfsa2017-06

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_id

mfsa2017-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_url	https://access.redhat.com/errata/RHSA-2017:0459
reference_id	RHSA-2017:0459
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0459

reference_url	https://access.redhat.com/errata/RHSA-2017:0461
reference_id	RHSA-2017:0461
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0461

reference_url	https://access.redhat.com/errata/RHSA-2017:0498
reference_id	RHSA-2017:0498
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0498

reference_url	https://usn.ubuntu.com/3216-1/
reference_id	USN-3216-1
reference_type
scores
url	https://usn.ubuntu.com/3216-1/

reference_url	https://usn.ubuntu.com/3233-1/
reference_id	USN-3233-1
reference_type
scores
url	https://usn.ubuntu.com/3233-1/

fixed_packages

url	pkg:alpm/archlinux/firefox@52.0-1
purl	pkg:alpm/archlinux/firefox@52.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

aliases CVE-2017-5398

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r8en-yg26-w3a1

url VCID-re3h-pcpx-puhe

vulnerability_id VCID-re3h-pcpx-puhe

summary A malicious site could spoof the contents of the print preview window if popup windows are enabled, resulting in user confusion of what site is currently loaded.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5421

reference_id

reference_type

scores

value	0.00405
scoring_system	epss
scoring_elements	0.61073
published_at	2026-04-21T12:55:00Z

value	0.00405
scoring_system	epss
scoring_elements	0.61056
published_at	2026-04-09T12:55:00Z

value	0.00405
scoring_system	epss
scoring_elements	0.61077
published_at	2026-04-11T12:55:00Z

value	0.00405
scoring_system	epss
scoring_elements	0.61063
published_at	2026-04-12T12:55:00Z

value	0.00405
scoring_system	epss
scoring_elements	0.61043
published_at	2026-04-13T12:55:00Z

value	0.00405
scoring_system	epss
scoring_elements	0.61084
published_at	2026-04-16T12:55:00Z

value	0.00405
scoring_system	epss
scoring_elements	0.61089
published_at	2026-04-18T12:55:00Z

value	0.00405
scoring_system	epss
scoring_elements	0.60921
published_at	2026-04-01T12:55:00Z

value	0.00405
scoring_system	epss
scoring_elements	0.60998
published_at	2026-04-02T12:55:00Z

value	0.00405
scoring_system	epss
scoring_elements	0.61026
published_at	2026-04-04T12:55:00Z

value	0.00405
scoring_system	epss
scoring_elements	0.60991
published_at	2026-04-07T12:55:00Z

value	0.00405
scoring_system	epss
scoring_elements	0.61039
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5421

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1301876
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1301876

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-05/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-09/

reference_url	http://www.securityfocus.com/bid/96692
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96692

reference_url	http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037966

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5421

reference_id

CVE-2017-5421

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5421

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_url	https://usn.ubuntu.com/3216-1/
reference_id	USN-3216-1
reference_type
scores
url	https://usn.ubuntu.com/3216-1/

fixed_packages

url	pkg:alpm/archlinux/firefox@52.0-1
purl	pkg:alpm/archlinux/firefox@52.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

aliases CVE-2017-5421

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-re3h-pcpx-puhe

url VCID-rff5-96dg-qqgp

vulnerability_id VCID-rff5-96dg-qqgp

summary On Linux, if the secure computing mode BPF (seccomp-bpf) filter is running when the Gecko Media Plugin sandbox is started, the sandbox fails to be applied and items that would run within the sandbox are run protected only by the running filter which is typically weak compared to the sandbox. *Note: this issue only affects Linux. Other operating systems are not affected.*

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5426

reference_id

reference_type

scores

value	0.00304
scoring_system	epss
scoring_elements	0.53688
published_at	2026-04-21T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53648
published_at	2026-04-09T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53697
published_at	2026-04-11T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53681
published_at	2026-04-12T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53664
published_at	2026-04-13T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53701
published_at	2026-04-16T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53706
published_at	2026-04-18T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53578
published_at	2026-04-01T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53602
published_at	2026-04-02T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.5363
published_at	2026-04-04T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.53599
published_at	2026-04-07T12:55:00Z

value	0.00304
scoring_system	epss
scoring_elements	0.5365
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5426

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1257361
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1257361

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-05/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-09/

reference_url	http://www.securityfocus.com/bid/96694
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96694

reference_url	http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037966

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:::::::*
reference_id	cpe:2.3:o:linux:linux_kernel:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5426

reference_id

CVE-2017-5426

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5426

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_url	https://usn.ubuntu.com/3216-1/
reference_id	USN-3216-1
reference_type
scores
url	https://usn.ubuntu.com/3216-1/

fixed_packages

url	pkg:alpm/archlinux/firefox@52.0-1
purl	pkg:alpm/archlinux/firefox@52.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

aliases CVE-2017-5426

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rff5-96dg-qqgp

url VCID-ssxw-2rbk-cyfe

vulnerability_id VCID-ssxw-2rbk-cyfe

summary A buffer overflow read during SVG filter color value operations, resulting in data exposure.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5412

reference_id

reference_type

scores

value	0.00361
scoring_system	epss
scoring_elements	0.58269
published_at	2026-04-21T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58277
published_at	2026-04-12T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58282
published_at	2026-04-09T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.583
published_at	2026-04-11T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58257
published_at	2026-04-13T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58289
published_at	2026-04-16T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58291
published_at	2026-04-18T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58143
published_at	2026-04-01T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58228
published_at	2026-04-02T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58249
published_at	2026-04-04T12:55:00Z

value	0.00361
scoring_system	epss
scoring_elements	0.58223
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5412

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1328323
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1328323

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-05/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-09/

reference_url	http://www.securityfocus.com/bid/96692
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96692

reference_url	http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037966

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5412

reference_id

CVE-2017-5412

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5412

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_url	https://usn.ubuntu.com/3216-1/
reference_id	USN-3216-1
reference_type
scores
url	https://usn.ubuntu.com/3216-1/

fixed_packages

url	pkg:alpm/archlinux/firefox@52.0-1
purl	pkg:alpm/archlinux/firefox@52.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

aliases CVE-2017-5412

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ssxw-2rbk-cyfe

url VCID-t4bj-qz9s-s7eb

vulnerability_id VCID-t4bj-qz9s-s7eb

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0459.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0459.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0461.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0461.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0498.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0498.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5405.json

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5405.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5405

reference_id

reference_type

scores

value	0.02352
scoring_system	epss
scoring_elements	0.84922
published_at	2026-04-21T12:55:00Z

value	0.02352
scoring_system	epss
scoring_elements	0.84859
published_at	2026-04-04T12:55:00Z

value	0.02352
scoring_system	epss
scoring_elements	0.84861
published_at	2026-04-07T12:55:00Z

value	0.02352
scoring_system	epss
scoring_elements	0.84883
published_at	2026-04-08T12:55:00Z

value	0.02352
scoring_system	epss
scoring_elements	0.8489
published_at	2026-04-09T12:55:00Z

value	0.02352
scoring_system	epss
scoring_elements	0.84909
published_at	2026-04-11T12:55:00Z

value	0.02352
scoring_system	epss
scoring_elements	0.84907
published_at	2026-04-12T12:55:00Z

value	0.02352
scoring_system	epss
scoring_elements	0.84902
published_at	2026-04-13T12:55:00Z

value	0.02352
scoring_system	epss
scoring_elements	0.84923
published_at	2026-04-16T12:55:00Z

value	0.02352
scoring_system	epss
scoring_elements	0.84924
published_at	2026-04-18T12:55:00Z

value	0.02352
scoring_system	epss
scoring_elements	0.84826
published_at	2026-04-01T12:55:00Z

value	0.02352
scoring_system	epss
scoring_elements	0.84841
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5405

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1336699
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1336699

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.debian.org/security/2017/dsa-3805
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3805

reference_url	https://www.debian.org/security/2017/dsa-3832
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3832

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-05/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-06/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-06/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-07/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-07/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-09/

reference_url	http://www.securityfocus.com/bid/96693
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96693

reference_url	http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037966

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1429785
reference_id	1429785
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1429785

reference_url	https://security.archlinux.org/ASA-201703-2
reference_id	ASA-201703-2
reference_type
scores
url	https://security.archlinux.org/ASA-201703-2

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-193

reference_id

AVG-193

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-193

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5405

reference_id

CVE-2017-5405

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5405

reference_url	https://security.gentoo.org/glsa/201705-06
reference_id	GLSA-201705-06
reference_type
scores
url	https://security.gentoo.org/glsa/201705-06

reference_url	https://security.gentoo.org/glsa/201705-07
reference_id	GLSA-201705-07
reference_type
scores
url	https://security.gentoo.org/glsa/201705-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_id

mfsa2017-06

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_id

mfsa2017-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_url	https://access.redhat.com/errata/RHSA-2017:0459
reference_id	RHSA-2017:0459
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0459

reference_url	https://access.redhat.com/errata/RHSA-2017:0461
reference_id	RHSA-2017:0461
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0461

reference_url	https://access.redhat.com/errata/RHSA-2017:0498
reference_id	RHSA-2017:0498
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0498

reference_url	https://usn.ubuntu.com/3216-1/
reference_id	USN-3216-1
reference_type
scores
url	https://usn.ubuntu.com/3216-1/

reference_url	https://usn.ubuntu.com/3233-1/
reference_id	USN-3233-1
reference_type
scores
url	https://usn.ubuntu.com/3233-1/

fixed_packages

url	pkg:alpm/archlinux/firefox@52.0-1
purl	pkg:alpm/archlinux/firefox@52.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

aliases CVE-2017-5405

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t4bj-qz9s-s7eb

url VCID-w67x-2qg8-v7gv

vulnerability_id VCID-w67x-2qg8-v7gv

summary A segmentation fault can occur in the Skia graphics library during some canvas operations due to issues with mask/clip intersection and empty masks.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5406

reference_id

reference_type

scores

value	0.00736
scoring_system	epss
scoring_elements	0.7285
published_at	2026-04-21T12:55:00Z

value	0.00736
scoring_system	epss
scoring_elements	0.72807
published_at	2026-04-09T12:55:00Z

value	0.00736
scoring_system	epss
scoring_elements	0.72832
published_at	2026-04-11T12:55:00Z

value	0.00736
scoring_system	epss
scoring_elements	0.72815
published_at	2026-04-12T12:55:00Z

value	0.00736
scoring_system	epss
scoring_elements	0.72806
published_at	2026-04-13T12:55:00Z

value	0.00736
scoring_system	epss
scoring_elements	0.72848
published_at	2026-04-16T12:55:00Z

value	0.00736
scoring_system	epss
scoring_elements	0.72858
published_at	2026-04-18T12:55:00Z

value	0.00736
scoring_system	epss
scoring_elements	0.72752
published_at	2026-04-01T12:55:00Z

value	0.00736
scoring_system	epss
scoring_elements	0.72759
published_at	2026-04-02T12:55:00Z

value	0.00736
scoring_system	epss
scoring_elements	0.72779
published_at	2026-04-04T12:55:00Z

value	0.00736
scoring_system	epss
scoring_elements	0.72755
published_at	2026-04-07T12:55:00Z

value	0.00736
scoring_system	epss
scoring_elements	0.72794
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5406

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1306890
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1306890

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-05/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-09/

reference_url	http://www.securityfocus.com/bid/96692
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96692

reference_url	http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037966

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5406

reference_id

CVE-2017-5406

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5406

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_url	https://usn.ubuntu.com/3216-1/
reference_id	USN-3216-1
reference_type
scores
url	https://usn.ubuntu.com/3216-1/

fixed_packages

url	pkg:alpm/archlinux/firefox@52.0-1
purl	pkg:alpm/archlinux/firefox@52.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

aliases CVE-2017-5406

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w67x-2qg8-v7gv

url VCID-w7g1-ub97-gqdd

vulnerability_id VCID-w7g1-ub97-gqdd

summary An out of bounds read error occurs when parsing some HTTP digest authorization responses, resulting in information leakage through the reading of random memory containing matches to specifically set patterns.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5418

reference_id

reference_type

scores

value	0.00523
scoring_system	epss
scoring_elements	0.66935
published_at	2026-04-21T12:55:00Z

value	0.00523
scoring_system	epss
scoring_elements	0.6693
published_at	2026-04-09T12:55:00Z

value	0.00523
scoring_system	epss
scoring_elements	0.6695
published_at	2026-04-11T12:55:00Z

value	0.00523
scoring_system	epss
scoring_elements	0.66936
published_at	2026-04-12T12:55:00Z

value	0.00523
scoring_system	epss
scoring_elements	0.66904
published_at	2026-04-13T12:55:00Z

value	0.00523
scoring_system	epss
scoring_elements	0.66938
published_at	2026-04-16T12:55:00Z

value	0.00523
scoring_system	epss
scoring_elements	0.66952
published_at	2026-04-18T12:55:00Z

value	0.00523
scoring_system	epss
scoring_elements	0.6683
published_at	2026-04-01T12:55:00Z

value	0.00523
scoring_system	epss
scoring_elements	0.66869
published_at	2026-04-02T12:55:00Z

value	0.00523
scoring_system	epss
scoring_elements	0.66895
published_at	2026-04-04T12:55:00Z

value	0.00523
scoring_system	epss
scoring_elements	0.66868
published_at	2026-04-07T12:55:00Z

value	0.00523
scoring_system	epss
scoring_elements	0.66916
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5418

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1338876
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1338876

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-05/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-09/

reference_url	http://www.securityfocus.com/bid/96692
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96692

reference_url	http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037966

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5418

reference_id

CVE-2017-5418

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5418

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_url	https://usn.ubuntu.com/3216-1/
reference_id	USN-3216-1
reference_type
scores
url	https://usn.ubuntu.com/3216-1/

fixed_packages

url	pkg:alpm/archlinux/firefox@52.0-1
purl	pkg:alpm/archlinux/firefox@52.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

aliases CVE-2017-5418

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w7g1-ub97-gqdd

url VCID-zpz5-xyxk-4fby

vulnerability_id VCID-zpz5-xyxk-4fby

summary If a malicious site repeatedly triggers a modal authentication prompt, eventually the browser UI will become non-responsive, requiring shutdown through the operating system. This is a denial of service (DOS) attack.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-5419

reference_id

reference_type

scores

value	0.00907
scoring_system	epss
scoring_elements	0.75785
published_at	2026-04-21T12:55:00Z

value	0.00907
scoring_system	epss
scoring_elements	0.75747
published_at	2026-04-08T12:55:00Z

value	0.00907
scoring_system	epss
scoring_elements	0.75758
published_at	2026-04-13T12:55:00Z

value	0.00907
scoring_system	epss
scoring_elements	0.75782
published_at	2026-04-11T12:55:00Z

value	0.00907
scoring_system	epss
scoring_elements	0.75764
published_at	2026-04-12T12:55:00Z

value	0.00907
scoring_system	epss
scoring_elements	0.75796
published_at	2026-04-16T12:55:00Z

value	0.00907
scoring_system	epss
scoring_elements	0.758
published_at	2026-04-18T12:55:00Z

value	0.00907
scoring_system	epss
scoring_elements	0.75701
published_at	2026-04-01T12:55:00Z

value	0.00907
scoring_system	epss
scoring_elements	0.75703
published_at	2026-04-02T12:55:00Z

value	0.00907
scoring_system	epss
scoring_elements	0.75734
published_at	2026-04-04T12:55:00Z

value	0.00907
scoring_system	epss
scoring_elements	0.75713
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-5419

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1312243
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1312243

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-05/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-09/

reference_url	http://www.securityfocus.com/bid/96692
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96692

reference_url	http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1037966

reference_url	https://security.archlinux.org/ASA-201703-3
reference_id	ASA-201703-3
reference_type
scores
url	https://security.archlinux.org/ASA-201703-3

reference_url

https://security.archlinux.org/AVG-194

reference_id

AVG-194

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-194

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5419

reference_id

CVE-2017-5419

reference_type

scores

value	7.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:C

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5419

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_id

mfsa2017-05

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-05

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_id

mfsa2017-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-09

reference_url	https://usn.ubuntu.com/3216-1/
reference_id	USN-3216-1
reference_type
scores
url	https://usn.ubuntu.com/3216-1/

fixed_packages

url	pkg:alpm/archlinux/firefox@52.0-1
purl	pkg:alpm/archlinux/firefox@52.0-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

aliases CVE-2017-5419

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zpz5-xyxk-4fby

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1

Package Instance