Django REST framework
Api Root
Vulnerability List
Vulnerability Instance
Format
json
api
admin
Vulnerability Instance
Lookup for vulnerabilities affecting packages.
Vulnerability_id
VCID-4gwb-c8x5-tqbm
Summary
The Resource Timing API incorrectly revealed navigations in cross-origin iframes. This is a same-origin policy violation and could allow for data theft of URLs loaded by users.
Aliases
0
alias
CVE-2017-7830
Fixed_packages
0
url
pkg:alpm/archlinux/firefox@57.0-1
purl
pkg:alpm/archlinux/firefox@57.0-1
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@57.0-1
1
url
pkg:alpm/archlinux/thunderbird@52.5.0-1
purl
pkg:alpm/archlinux/thunderbird@52.5.0-1
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.5.0-1
2
url
pkg:deb/debian/firefox@57.0-1?distro=sid
purl
pkg:deb/debian/firefox@57.0-1?distro=sid
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@57.0-1%3Fdistro=sid
3
url
pkg:deb/debian/firefox@151.0.3-1?distro=sid
purl
pkg:deb/debian/firefox@151.0.3-1?distro=sid
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@151.0.3-1%3Fdistro=sid
4
url
pkg:deb/debian/firefox-esr@52.5.0esr-1?distro=trixie
purl
pkg:deb/debian/firefox-esr@52.5.0esr-1?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@52.5.0esr-1%3Fdistro=trixie
5
url
pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie
purl
pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie
6
url
pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie
purl
pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-ghpk-c1e6-pkae
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie
7
url
pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie
purl
pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-ghpk-c1e6-pkae
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie
8
url
pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie
purl
pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-ghpk-c1e6-pkae
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie
9
url
pkg:deb/debian/thunderbird@1:52.5.0-1?distro=trixie
purl
pkg:deb/debian/thunderbird@1:52.5.0-1?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:52.5.0-1%3Fdistro=trixie
10
url
pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie
purl
pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie
11
url
pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie
purl
pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie
12
url
pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie
purl
pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie
13
url
pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie
purl
pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie
14
url
pkg:ebuild/mail-client/thunderbird@52.6.0
purl
pkg:ebuild/mail-client/thunderbird@52.6.0
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@52.6.0
15
url
pkg:ebuild/mail-client/thunderbird-bin@52.6.0
purl
pkg:ebuild/mail-client/thunderbird-bin@52.6.0
is_vulnerable
false
affected_by_vulnerabilities
resource_url
http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@52.6.0
Affected_packages
0
url
pkg:alpm/archlinux/firefox@56.0.2-1
purl
pkg:alpm/archlinux/firefox@56.0.2-1
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-2pwv-h1am-hqbb
1
vulnerability
VCID-3me6-q3c4-9uew
2
vulnerability
VCID-4gwb-c8x5-tqbm
3
vulnerability
VCID-53ts-p1ub-jufh
4
vulnerability
VCID-5b1g-3rp1-k3fc
5
vulnerability
VCID-61um-r6m7-cygn
6
vulnerability
VCID-6u66-r4t3-2qar
7
vulnerability
VCID-f9a9-wb1k-cygm
8
vulnerability
VCID-fhwg-mggf-p3fx
9
vulnerability
VCID-q9jc-5pc9-f3fq
10
vulnerability
VCID-qdtc-vxt9-2fbt
11
vulnerability
VCID-rtwc-5h7s-guge
12
vulnerability
VCID-rz2t-u58z-eqh7
13
vulnerability
VCID-t82h-zf9g-muep
14
vulnerability
VCID-wty8-5znd-77hh
resource_url
http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@56.0.2-1
1
url
pkg:alpm/archlinux/thunderbird@52.4.0-2
purl
pkg:alpm/archlinux/thunderbird@52.4.0-2
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-2pwv-h1am-hqbb
1
vulnerability
VCID-4gwb-c8x5-tqbm
2
vulnerability
VCID-f9a9-wb1k-cygm
resource_url
http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.4.0-2
2
url
pkg:rpm/redhat/firefox@52.5.0-1?arch=el7_4
purl
pkg:rpm/redhat/firefox@52.5.0-1?arch=el7_4
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-2pwv-h1am-hqbb
1
vulnerability
VCID-4gwb-c8x5-tqbm
2
vulnerability
VCID-f9a9-wb1k-cygm
resource_url
http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@52.5.0-1%3Farch=el7_4
3
url
pkg:rpm/redhat/firefox@52.5.0-1?arch=el6_9
purl
pkg:rpm/redhat/firefox@52.5.0-1?arch=el6_9
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-2pwv-h1am-hqbb
1
vulnerability
VCID-4gwb-c8x5-tqbm
2
vulnerability
VCID-f9a9-wb1k-cygm
resource_url
http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@52.5.0-1%3Farch=el6_9
4
url
pkg:rpm/redhat/thunderbird@52.5.0-1?arch=el6_9
purl
pkg:rpm/redhat/thunderbird@52.5.0-1?arch=el6_9
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-2pwv-h1am-hqbb
1
vulnerability
VCID-4gwb-c8x5-tqbm
2
vulnerability
VCID-f9a9-wb1k-cygm
resource_url
http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@52.5.0-1%3Farch=el6_9
5
url
pkg:rpm/redhat/thunderbird@52.5.0-1?arch=el7_4
purl
pkg:rpm/redhat/thunderbird@52.5.0-1?arch=el7_4
is_vulnerable
true
affected_by_vulnerabilities
0
vulnerability
VCID-2pwv-h1am-hqbb
1
vulnerability
VCID-4gwb-c8x5-tqbm
2
vulnerability
VCID-f9a9-wb1k-cygm
resource_url
http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@52.5.0-1%3Farch=el7_4
References
0
reference_url
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7830.json
reference_id
reference_type
scores
0
value
6.5
scoring_system
cvssv3
scoring_elements
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7830.json
1
reference_url
https://api.first.org/data/v1/epss?cve=CVE-2017-7830
reference_id
reference_type
scores
0
value
0.00862
scoring_system
epss
scoring_elements
0.75449
published_at
2026-06-05T12:55:00Z
1
value
0.00862
scoring_system
epss
scoring_elements
0.7542
published_at
2026-06-04T12:55:00Z
url
https://api.first.org/data/v1/epss?cve=CVE-2017-7830
2
reference_url
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7826
reference_id
reference_type
scores
url
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7826
3
reference_url
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7828
reference_id
reference_type
scores
url
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7828
4
reference_url
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7829
reference_id
reference_type
scores
url
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7829
5
reference_url
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7830
reference_id
reference_type
scores
url
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7830
6
reference_url
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7846
reference_id
reference_type
scores
url
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7846
7
reference_url
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7847
reference_id
reference_type
scores
url
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7847
8
reference_url
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7848
reference_id
reference_type
scores
url
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7848
9
reference_url
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value
5.1
scoring_system
cvssv2
scoring_elements
AV:N/AC:H/Au:N/C:P/I:P/A:P
1
value
7.5
scoring_system
cvssv3
scoring_elements
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url
https://bugzilla.redhat.com/show_bug.cgi?id=1513311
reference_id
1513311
reference_type
scores
url
https://bugzilla.redhat.com/show_bug.cgi?id=1513311
11
reference_url
https://security.archlinux.org/ASA-201711-23
reference_id
ASA-201711-23
reference_type
scores
url
https://security.archlinux.org/ASA-201711-23
12
reference_url
https://security.archlinux.org/ASA-201711-43
reference_id
ASA-201711-43
reference_type
scores
url
https://security.archlinux.org/ASA-201711-43
13
reference_url
https://security.archlinux.org/AVG-494
reference_id
AVG-494
reference_type
scores
0
value
Critical
scoring_system
archlinux
scoring_elements
url
https://security.archlinux.org/AVG-494
14
reference_url
https://security.archlinux.org/AVG-530
reference_id
AVG-530
reference_type
scores
0
value
Critical
scoring_system
archlinux
scoring_elements
url
https://security.archlinux.org/AVG-530
15
reference_url
https://security.gentoo.org/glsa/201803-14
reference_id
GLSA-201803-14
reference_type
scores
url
https://security.gentoo.org/glsa/201803-14
16
reference_url
https://www.mozilla.org/en-US/security/advisories/mfsa2017-24
reference_id
mfsa2017-24
reference_type
scores
0
value
critical
scoring_system
generic_textual
scoring_elements
url
https://www.mozilla.org/en-US/security/advisories/mfsa2017-24
17
reference_url
https://www.mozilla.org/en-US/security/advisories/mfsa2017-25
reference_id
mfsa2017-25
reference_type
scores
0
value
critical
scoring_system
generic_textual
scoring_elements
url
https://www.mozilla.org/en-US/security/advisories/mfsa2017-25
18
reference_url
https://www.mozilla.org/en-US/security/advisories/mfsa2017-26
reference_id
mfsa2017-26
reference_type
scores
0
value
critical
scoring_system
generic_textual
scoring_elements
url
https://www.mozilla.org/en-US/security/advisories/mfsa2017-26
19
reference_url
https://access.redhat.com/errata/RHSA-2017:3247
reference_id
RHSA-2017:3247
reference_type
scores
url
https://access.redhat.com/errata/RHSA-2017:3247
20
reference_url
https://access.redhat.com/errata/RHSA-2017:3372
reference_id
RHSA-2017:3372
reference_type
scores
url
https://access.redhat.com/errata/RHSA-2017:3372
21
reference_url
https://usn.ubuntu.com/3477-1/
reference_id
USN-3477-1
reference_type
scores
url
https://usn.ubuntu.com/3477-1/
22
reference_url
https://usn.ubuntu.com/3490-1/
reference_id
USN-3490-1
reference_type
scores
url
https://usn.ubuntu.com/3490-1/
Weaknesses
0
cwe_id
200
name
Exposure of Sensitive Information to an Unauthorized Actor
description
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Exploits
Severity_range_score
5.1 - 10.0
Exploitability
0.5
Weighted_severity
9.0
Risk_score
4.5
Resource_url
http://public2.vulnerablecode.io/vulnerabilities/VCID-4gwb-c8x5-tqbm
×
Create
None
×
Edit
None