Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/583594?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "type": "deb", "namespace": "debian", "name": "firefox", "version": "52.0-1", "qualifiers": { "distro": "sid" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "52.0.1-1", "latest_non_vulnerable_version": "150.0-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62815?format=api", "vulnerability_id": "VCID-22xt-tnu1-gyhu", "summary": "An attack can use a blob URL and script to spoof an arbitrary addressbar URL prefaced by blob: as the protocol, leading to user confusion and further spoofing attacks.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5415", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.29152", "scoring_system": "epss", "scoring_elements": "0.966", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.29152", "scoring_system": "epss", "scoring_elements": "0.96551", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.29152", "scoring_system": "epss", "scoring_elements": "0.96579", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.29152", "scoring_system": "epss", "scoring_elements": "0.96582", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.29152", "scoring_system": "epss", "scoring_elements": "0.96585", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.29152", "scoring_system": "epss", "scoring_elements": "0.96591", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.29152", "scoring_system": "epss", "scoring_elements": "0.96597", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.29152", "scoring_system": "epss", "scoring_elements": "0.96561", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.29152", "scoring_system": "epss", "scoring_elements": "0.96566", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.29152", "scoring_system": "epss", "scoring_elements": "0.96569", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.29152", "scoring_system": "epss", "scoring_elements": "0.96577", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5415" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1321719", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1321719" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://github.com/649/CVE-2017-5415/tree/209b7ae6882a18ae51b1222a68c040a3bc9a8bc5", "reference_id": "CVE-2017-5415", "reference_type": "exploit", "scores": [], "url": "https://github.com/649/CVE-2017-5415/tree/209b7ae6882a18ae51b1222a68c040a3bc9a8bc5" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/44266.html", "reference_id": "CVE-2017-5415", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/44266.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5415", "reference_id": "CVE-2017-5415", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5415" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5415" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-22xt-tnu1-gyhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62820?format=api", "vulnerability_id": "VCID-3dy5-4e6w-3kgt", "summary": "A non-existent chrome.manifest file will attempt to be loaded during startup from the primary installation directory. If a malicious user with local access puts chrome.manifest and other referenced files in this directory, they will be loaded and activated during startup. This could result in malicious software being added without consent or modification of referenced installed files.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5427", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26879", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27048", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27029", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27032", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26988", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26931", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26941", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27088", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27124", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26915", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26983", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5427" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1295542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1295542" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:S/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5427", "reference_id": "CVE-2017-5427", "reference_type": "", "scores": [ { "value": "1.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5427" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5427" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3dy5-4e6w-3kgt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31911?format=api", "vulnerability_id": "VCID-3ehk-593t-abcp", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5408.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5408.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77747", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77692", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77675", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77703", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77708", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77734", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77718", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77717", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77754", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77753", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77658", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77665", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5408" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1313711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1313711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96693" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429784", "reference_id": "1429784", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429784" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5408", "reference_id": "CVE-2017-5408", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5408" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5408" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ehk-593t-abcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31904?format=api", "vulnerability_id": "VCID-3nup-1513-ybaq", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5400.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5400.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.77008", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.76945", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.76928", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.7696", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.76971", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.76999", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.76978", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.76973", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.77013", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.77015", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.76909", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.76915", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5400" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1334933", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1334933" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96654", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96654" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429778", "reference_id": "1429778", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429778" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5400", "reference_id": "CVE-2017-5400", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5400" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5400" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3nup-1513-ybaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31912?format=api", "vulnerability_id": "VCID-3tww-nhmh-gua6", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5410.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5410.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85468", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85464", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.8544", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85367", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85443", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85445", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85431", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85422", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85401", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85398", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85379", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5410" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1330687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1330687" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96693" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429783", "reference_id": "1429783", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429783" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5410", "reference_id": "CVE-2017-5410", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5410" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5410" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3tww-nhmh-gua6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31910?format=api", "vulnerability_id": "VCID-667g-8khd-kkhm", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5407.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5407.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77509", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77458", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77438", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77468", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77477", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77503", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77484", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.7748", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77519", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77516", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77426", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77433", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5407" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1336622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1336622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96693" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429782", "reference_id": "1429782", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429782" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5407", "reference_id": "CVE-2017-5407", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5407" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5407" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-667g-8khd-kkhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62814?format=api", "vulnerability_id": "VCID-6b9m-3w58-qydd", "summary": "The file picker dialog can choose and display the wrong local default directory when instantiated. On some operating systems, this can lead to information disclosure, such as the operating system or the local account name.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5414", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32388", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32464", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32468", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.3243", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32403", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.3244", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32417", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.3238", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.3253", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32565", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32389", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32437", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5414" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1319370", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1319370" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5414", "reference_id": "CVE-2017-5414", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:C/I:N/A:N" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5414" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5414" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6b9m-3w58-qydd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62808?format=api", "vulnerability_id": "VCID-6m1t-sn26-fbaf", "summary": "When adding a range to an object in the DOM, it is possible to use addRange to add the range to an incorrect root object. This triggers a use-after-free, resulting in a potentially exploitable crash.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5403", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66706", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66696", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66715", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66703", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66673", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66707", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66721", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66592", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66632", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66659", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66681", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5403" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1340186", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1340186" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96691", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96691" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5403", "reference_id": "CVE-2017-5403", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5403" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5403" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6m1t-sn26-fbaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62825?format=api", "vulnerability_id": "VCID-6wce-w5a8-2qet", "summary": "If a malicious site uses the view-source: protocol in a series within a single hyperlink, it can trigger a non-exploitable browser crash when the hyperlink is selected. This was fixed by no longer making view-source: linkable.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5422", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.7285", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72807", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72832", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72815", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72806", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72848", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72858", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72752", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72759", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72779", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72755", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72794", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5422" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1295002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1295002" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5422", "reference_id": "CVE-2017-5422", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5422" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5422" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6wce-w5a8-2qet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62817?format=api", "vulnerability_id": "VCID-6wy1-juan-8ua8", "summary": "When dragging content from the primary browser pane to the addressbar on a malicious site, it is possible to change the addressbar so that the displayed location following navigation does not match the URL of the newly loaded page. This allows for spoofing attacks.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5417", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58789", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58661", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58786", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58793", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58811", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58773", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58806", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58744", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58765", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58733", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5417" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=791597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=791597" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5417", "reference_id": "CVE-2017-5417", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5417" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5417" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6wy1-juan-8ua8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31905?format=api", "vulnerability_id": "VCID-dxr7-qubc-tyb7", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5401.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5401.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.8444", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84437", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84414", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84343", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84418", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84425", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84407", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84402", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.8438", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84378", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84357", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5401" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1328861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1328861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96677", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96677" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429779", "reference_id": "1429779", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429779" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5401", "reference_id": "CVE-2017-5401", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5401" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5401" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dxr7-qubc-tyb7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62813?format=api", "vulnerability_id": "VCID-ecmf-7x8a-jugv", "summary": "A segmentation fault can occur during some bidirectional layout operations.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5413", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00564", "scoring_system": "epss", "scoring_elements": "0.6842", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00564", "scoring_system": "epss", "scoring_elements": "0.68409", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00564", "scoring_system": "epss", "scoring_elements": "0.68436", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00564", "scoring_system": "epss", "scoring_elements": "0.68424", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00564", "scoring_system": "epss", "scoring_elements": "0.68391", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00564", "scoring_system": "epss", "scoring_elements": "0.68428", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00564", "scoring_system": "epss", "scoring_elements": "0.68442", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00564", "scoring_system": "epss", "scoring_elements": "0.68325", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00564", "scoring_system": "epss", "scoring_elements": "0.68345", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00564", "scoring_system": "epss", "scoring_elements": "0.68364", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00564", "scoring_system": "epss", "scoring_elements": "0.68341", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00564", "scoring_system": "epss", "scoring_elements": "0.68392", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5413" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1337504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1337504" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5413", "reference_id": "CVE-2017-5413", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5413" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5413" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ecmf-7x8a-jugv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62826?format=api", "vulnerability_id": "VCID-erx8-1tfq-kyce", "summary": "Mozilla developers and community members Carsten Book, Calixte Denizet, Christian Holler, Andrew McCreight, David Bolter, David Keeler, Jon Coppeard, Tyson Smith, Ronald Crane, Tooru Fujisawa, Ben Kelly, Bob Owen, Jed Davis, Julian Seward, Julian Hector, Philipp, Markus Stange, and André Bargull reported memory safety bugs present in Firefox 51. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5399", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72724", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72682", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72705", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72688", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72678", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.7272", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72731", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72627", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72635", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72652", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.7263", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.72669", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5399" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332569%2C1315248%2C1261335%2C1321038%2C1331771%2C1339566%2C1339591%2C1240893%2C1341905%2C1323241%2C1336467%2C1270288%2C1295299%2C1296024%2C1304201%2C1306142%2C1307557%2C1308036%2C1334246%2C1334290%2C1317085%2C1339116%2C1324000%2C1323150%2C1332501%2C1320894%2C1333752%2C1303713%2C1321566%2C1264053%2C1343513", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332569%2C1315248%2C1261335%2C1321038%2C1331771%2C1339566%2C1339591%2C1240893%2C1341905%2C1323241%2C1336467%2C1270288%2C1295299%2C1296024%2C1304201%2C1306142%2C1307557%2C1308036%2C1334246%2C1334290%2C1317085%2C1339116%2C1324000%2C1323150%2C1332501%2C1320894%2C1333752%2C1303713%2C1321566%2C1264053%2C1343513" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5399", "reference_id": "CVE-2017-5399", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5399" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5399" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-erx8-1tfq-kyce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62816?format=api", "vulnerability_id": "VCID-gshc-3brh-c3dr", "summary": "In certain circumstances a networking event listener can be prematurely released. This appears to result in a null dereference in practice.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5416", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.75005", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.7498", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.75002", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.74981", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.74971", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.75008", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.75015", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.74927", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.7493", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.74959", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.74933", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00856", "scoring_system": "epss", "scoring_elements": "0.74967", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5416" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1328121", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1328121" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5416", "reference_id": "CVE-2017-5416", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5416" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5416" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gshc-3brh-c3dr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31907?format=api", "vulnerability_id": "VCID-jwze-7mfw-r3ax", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5404.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5404.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95698", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95696", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95692", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95649", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95684", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95682", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95678", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95674", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95666", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95663", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95658", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5404" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1340138", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1340138" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.exploit-db.com/exploits/41660/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/41660/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96664", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96664" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429781", "reference_id": "1429781", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429781" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5404", "reference_id": "CVE-2017-5404", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5404" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1130", "reference_id": "CVE-2017-5404;MFSA2017-05", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1130" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/41660.html", "reference_id": "CVE-2017-5404;MFSA2017-05", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/41660.html" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5404" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jwze-7mfw-r3ax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31906?format=api", "vulnerability_id": "VCID-npyt-d8qr-wqdj", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5402.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5402.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.85349", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.85289", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.85292", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.85313", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.85322", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.85336", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.85333", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.8533", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.8535", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.85352", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.85258", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.8527", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5402" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1334876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1334876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96664", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96664" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429780", "reference_id": "1429780", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429780" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5402", "reference_id": "CVE-2017-5402", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5402" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5402" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-npyt-d8qr-wqdj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62823?format=api", "vulnerability_id": "VCID-qdc5-1z7p-zqar", "summary": "A javascript: url loaded by a malicious page can obfuscate its location by blanking the URL displayed in the addressbar, allowing for an attacker to spoof an existing page without the malicious page's address being displayed correctly.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5420", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60651", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60492", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60652", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60637", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60616", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60658", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60664", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60566", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60594", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60563", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60612", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.60628", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5420" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1284395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1284395" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5420", "reference_id": "CVE-2017-5420", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5420" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5420" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qdc5-1z7p-zqar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31903?format=api", "vulnerability_id": "VCID-r8en-yg26-w3a1", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5398.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5398.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87168", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87163", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87147", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87095", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87151", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87157", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87144", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87136", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87116", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87123", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87106", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5398" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332550%2C1332597%2C1338383%2C1321612%2C1322971%2C1333568%2C1333887%2C1335450%2C1325052%2C1324379%2C1336510", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332550%2C1332597%2C1338383%2C1321612%2C1322971%2C1333568%2C1333887%2C1335450%2C1325052%2C1324379%2C1336510" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96651", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96651" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429786", "reference_id": "1429786", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429786" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5398", "reference_id": "CVE-2017-5398", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5398" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5398" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r8en-yg26-w3a1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62824?format=api", "vulnerability_id": "VCID-re3h-pcpx-puhe", "summary": "A malicious site could spoof the contents of the print preview window if popup windows are enabled, resulting in user confusion of what site is currently loaded.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5421", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.61073", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.61056", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.61077", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.61063", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.61043", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.61084", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.61089", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.60921", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.60998", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.61026", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.60991", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00405", "scoring_system": "epss", "scoring_elements": "0.61039", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5421" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1301876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1301876" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5421", "reference_id": "CVE-2017-5421", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5421" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5421" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-re3h-pcpx-puhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62819?format=api", "vulnerability_id": "VCID-rff5-96dg-qqgp", "summary": "On Linux, if the secure computing mode BPF (seccomp-bpf) filter is running when the Gecko Media Plugin sandbox is started, the sandbox fails to be applied and items that would run within the sandbox are run protected only by the running filter which is typically weak compared to the sandbox. *Note: this issue only affects Linux. Other operating systems are not affected.*", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5426", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53688", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53648", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53697", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53681", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53664", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53701", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53706", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53578", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53602", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.5363", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53599", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.5365", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5426" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1257361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1257361" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96694", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96694" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5426", "reference_id": "CVE-2017-5426", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5426" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5426" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rff5-96dg-qqgp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62812?format=api", "vulnerability_id": "VCID-ssxw-2rbk-cyfe", "summary": "A buffer overflow read during SVG filter color value operations, resulting in data exposure.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5412", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58269", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58277", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58282", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.583", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58257", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58289", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58291", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58143", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58228", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58249", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58223", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5412" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1328323", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1328323" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5412", "reference_id": "CVE-2017-5412", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5412" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5412" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ssxw-2rbk-cyfe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31909?format=api", "vulnerability_id": "VCID-t4bj-qz9s-s7eb", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5405.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5405.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84922", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84859", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84861", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84883", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.8489", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84909", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84907", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84902", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84923", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84924", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84826", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84841", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5405" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1336699", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1336699" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96693" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429785", "reference_id": "1429785", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429785" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5405", "reference_id": "CVE-2017-5405", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5405" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5405" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t4bj-qz9s-s7eb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62809?format=api", "vulnerability_id": "VCID-w67x-2qg8-v7gv", "summary": "A segmentation fault can occur in the Skia graphics library during some canvas operations due to issues with mask/clip intersection and empty masks.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5406", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.7285", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72807", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72832", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72815", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72806", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72848", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72858", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72752", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72759", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72779", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72755", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00736", "scoring_system": "epss", "scoring_elements": "0.72794", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5406" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306890" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5406", "reference_id": "CVE-2017-5406", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5406" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5406" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w67x-2qg8-v7gv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62821?format=api", "vulnerability_id": "VCID-w7g1-ub97-gqdd", "summary": "An out of bounds read error occurs when parsing some HTTP digest authorization responses, resulting in information leakage through the reading of random memory containing matches to specifically set patterns.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5418", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66935", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.6693", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.6695", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66936", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66904", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66938", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66952", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.6683", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66869", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66895", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66868", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66916", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5418" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1338876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1338876" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5418", "reference_id": "CVE-2017-5418", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5418" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5418" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w7g1-ub97-gqdd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62822?format=api", "vulnerability_id": "VCID-zpz5-xyxk-4fby", "summary": "If a malicious site repeatedly triggers a modal authentication prompt, eventually the browser UI will become non-responsive, requiring shutdown through the operating system. This is a denial of service (DOS) attack.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5419", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00907", "scoring_system": "epss", "scoring_elements": "0.75785", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00907", "scoring_system": "epss", "scoring_elements": "0.75747", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00907", "scoring_system": "epss", "scoring_elements": "0.75758", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00907", "scoring_system": "epss", "scoring_elements": "0.75782", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00907", "scoring_system": "epss", "scoring_elements": "0.75764", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00907", "scoring_system": "epss", "scoring_elements": "0.75796", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00907", "scoring_system": "epss", "scoring_elements": "0.758", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00907", "scoring_system": "epss", "scoring_elements": "0.75701", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00907", "scoring_system": "epss", "scoring_elements": "0.75703", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00907", "scoring_system": "epss", "scoring_elements": "0.75734", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00907", "scoring_system": "epss", "scoring_elements": "0.75713", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5419" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1312243", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1312243" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96692" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5419", "reference_id": "CVE-2017-5419", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5419" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api", "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5419" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zpz5-xyxk-4fby" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid" }