{"url":"http://public2.vulnerablecode.io/api/packages/1876?format=json","purl":"pkg:alpm/archlinux/thunderbird@52.2.0-1","type":"alpm","namespace":"archlinux","name":"thunderbird","version":"52.2.0-1","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"52.3.0-1","latest_non_vulnerable_version":"91.10-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/650?format=json","vulnerability_id":"VCID-1j25-aujy-1fb3","summary":"A use-after-free vulnerability during specific user interactions with the input method editor (IME) in some languages due to how events are handled. This results in a potentially exploitable crash but would require specific user interaction to trigger.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7752.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7752.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7752","reference_id":"","reference_type":"","scores":[{"value":"0.00972","scoring_system":"epss","scoring_elements":"0.77026","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00972","scoring_system":"epss","scoring_elements":"0.77004","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00972","scoring_system":"epss","scoring_elements":"0.77018","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00972","scoring_system":"epss","scoring_elements":"0.77027","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00972","scoring_system":"epss","scoring_elements":"0.76985","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00972","scoring_system":"epss","scoring_elements":"0.77015","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"},{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461256","reference_id":"1461256","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461256"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1876?format=json","purl":"pkg:alpm/archlinux/thunderbird@52.2.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.2.0-1"}],"aliases":["CVE-2017-7752"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1j25-aujy-1fb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/653?format=json","vulnerability_id":"VCID-1qr1-6zdx-fqd1","summary":"A use-after-free vulnerability in IndexedDB when one of its objects is destroyed in memory while a method on it is still being executed. This results in a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7757.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7757.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7757","reference_id":"","reference_type":"","scores":[{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83495","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83481","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83492","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83494","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83467","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.8349","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461259","reference_id":"1461259","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461259"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1876?format=json","purl":"pkg:alpm/archlinux/thunderbird@52.2.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.2.0-1"}],"aliases":["CVE-2017-7757"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1qr1-6zdx-fqd1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/646?format=json","vulnerability_id":"VCID-2ep2-61mb-cbd3","summary":"A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell. This results in a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7749.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7749.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7749","reference_id":"","reference_type":"","scores":[{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83495","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83481","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83492","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83494","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83467","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.8349","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461253","reference_id":"1461253","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461253"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1876?format=json","purl":"pkg:alpm/archlinux/thunderbird@52.2.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.2.0-1"}],"aliases":["CVE-2017-7749"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2ep2-61mb-cbd3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/647?format=json","vulnerability_id":"VCID-2nfu-kf32-myag","summary":"A use-after-free vulnerability during video control operations when a <track> element holds a reference to an older window if that window has been replaced in the DOM. This results in a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7750.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7750.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7750","reference_id":"","reference_type":"","scores":[{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83495","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83481","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83492","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83494","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83467","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.8349","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461254","reference_id":"1461254","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461254"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1876?format=json","purl":"pkg:alpm/archlinux/thunderbird@52.2.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.2.0-1"}],"aliases":["CVE-2017-7750"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2nfu-kf32-myag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4541?format=json","vulnerability_id":"VCID-6pr4-1zfj-9ydj","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7772.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7772.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7772","reference_id":"","reference_type":"","scores":[{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.70381","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.70337","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.7037","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.70388","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.70359","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.70379","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472213","reference_id":"1472213","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472213"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://security.gentoo.org/glsa/201710-13","reference_id":"GLSA-201710-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-13"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1793","reference_id":"RHSA-2017:1793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1793"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"},{"reference_url":"https://usn.ubuntu.com/3398-1/","reference_id":"USN-3398-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3398-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1876?format=json","purl":"pkg:alpm/archlinux/thunderbird@52.2.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.2.0-1"}],"aliases":["CVE-2017-7772"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6pr4-1zfj-9ydj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/659?format=json","vulnerability_id":"VCID-6s7e-79u3-h7ed","summary":"Mozilla developers and community members Tyson Smith, Mats Palmgren, Philipp, Masayuki Nakano, Christian Holler, Andrew McCreight, Gary Kwong, André Bargull, Carsten Book, Jesse Schwartzentruber, Julian Hector, Marcia Knous, Ronald Crane, and Nils Ohlmeier reported memory safety bugs present in Firefox 53, Firefox ESR 52.1, and Thunderbird 52.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5470.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5470.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5470","reference_id":"","reference_type":"","scores":[{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83495","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83481","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83492","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83494","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83467","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.8349","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461264","reference_id":"1461264","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461264"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1876?format=json","purl":"pkg:alpm/archlinux/thunderbird@52.2.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.2.0-1"}],"aliases":["CVE-2017-5470"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6s7e-79u3-h7ed"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4537?format=json","vulnerability_id":"VCID-8hfq-xxg6-tue8","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7776.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7776.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7776","reference_id":"","reference_type":"","scores":[{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.70381","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.70337","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.7037","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.70388","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.70359","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.70379","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472223","reference_id":"1472223","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472223"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://security.gentoo.org/glsa/201710-13","reference_id":"GLSA-201710-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-13"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1793","reference_id":"RHSA-2017:1793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1793"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"},{"reference_url":"https://usn.ubuntu.com/3398-1/","reference_id":"USN-3398-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3398-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1876?format=json","purl":"pkg:alpm/archlinux/thunderbird@52.2.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.2.0-1"}],"aliases":["CVE-2017-7776"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8hfq-xxg6-tue8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4542?format=json","vulnerability_id":"VCID-abde-jm4w-5yde","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7771.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7771.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7771","reference_id":"","reference_type":"","scores":[{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67924","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67885","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67922","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67932","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67909","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67925","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472212","reference_id":"1472212","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472212"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://security.gentoo.org/glsa/201710-13","reference_id":"GLSA-201710-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-13"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1793","reference_id":"RHSA-2017:1793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1793"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"},{"reference_url":"https://usn.ubuntu.com/3398-1/","reference_id":"USN-3398-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3398-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1876?format=json","purl":"pkg:alpm/archlinux/thunderbird@52.2.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.2.0-1"}],"aliases":["CVE-2017-7771"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-abde-jm4w-5yde"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/645?format=json","vulnerability_id":"VCID-bxpd-zacn-8bfv","summary":"A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5472.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5472.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5472","reference_id":"","reference_type":"","scores":[{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83495","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83481","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83492","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83494","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83467","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.8349","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461252","reference_id":"1461252","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461252"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1876?format=json","purl":"pkg:alpm/archlinux/thunderbird@52.2.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.2.0-1"}],"aliases":["CVE-2017-5472"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bxpd-zacn-8bfv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4536?format=json","vulnerability_id":"VCID-njra-xv9f-ffck","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7777.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7777.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7777","reference_id":"","reference_type":"","scores":[{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.66176","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.66125","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.66171","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.66186","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.66158","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00495","scoring_system":"epss","scoring_elements":"0.66177","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472225","reference_id":"1472225","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472225"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://security.gentoo.org/glsa/201710-13","reference_id":"GLSA-201710-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-13"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1793","reference_id":"RHSA-2017:1793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1793"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"},{"reference_url":"https://usn.ubuntu.com/3398-1/","reference_id":"USN-3398-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3398-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1876?format=json","purl":"pkg:alpm/archlinux/thunderbird@52.2.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.2.0-1"}],"aliases":["CVE-2017-7777"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-njra-xv9f-ffck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4539?format=json","vulnerability_id":"VCID-ppw9-56ha-2bhm","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7774.json","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7774.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7774","reference_id":"","reference_type":"","scores":[{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68733","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.6869","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68729","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68737","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.68714","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00562","scoring_system":"epss","scoring_elements":"0.6873","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472219","reference_id":"1472219","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472219"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://security.gentoo.org/glsa/201710-13","reference_id":"GLSA-201710-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-13"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1793","reference_id":"RHSA-2017:1793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1793"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"},{"reference_url":"https://usn.ubuntu.com/3398-1/","reference_id":"USN-3398-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3398-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1876?format=json","purl":"pkg:alpm/archlinux/thunderbird@52.2.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.2.0-1"}],"aliases":["CVE-2017-7774"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ppw9-56ha-2bhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/648?format=json","vulnerability_id":"VCID-s4se-eex7-h7a6","summary":"A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7751.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7751.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7751","reference_id":"","reference_type":"","scores":[{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83495","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83481","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83492","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83494","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83467","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.8349","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461255","reference_id":"1461255","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461255"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1876?format=json","purl":"pkg:alpm/archlinux/thunderbird@52.2.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.2.0-1"}],"aliases":["CVE-2017-7751"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s4se-eex7-h7a6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/657?format=json","vulnerability_id":"VCID-s8cd-xy2t-vyem","summary":"Characters from the \"Canadian Syllabics\" unicode block can be mixed with characters from other unicode blocks in the addressbar instead of being rendered as their raw \"punycode\" form, allowing for domain name spoofing attacks through character confusion. The current Unicode standard allows characters from \"Aspirational Use Scripts\" such as Canadian Syllabics to be mixed with Latin characters in the \"moderately restrictive\" IDN profile. We have changed Firefox behavior to match the upcoming Unicode version 10.0 which removes this category and treats them as \"Limited Use Scripts.\"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7764.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7764.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7764","reference_id":"","reference_type":"","scores":[{"value":"0.01035","scoring_system":"epss","scoring_elements":"0.77751","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01035","scoring_system":"epss","scoring_elements":"0.77733","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01035","scoring_system":"epss","scoring_elements":"0.77746","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01035","scoring_system":"epss","scoring_elements":"0.77753","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01035","scoring_system":"epss","scoring_elements":"0.77719","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01035","scoring_system":"epss","scoring_elements":"0.77743","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:N/A:P"},{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461262","reference_id":"1461262","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461262"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1876?format=json","purl":"pkg:alpm/archlinux/thunderbird@52.2.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.2.0-1"}],"aliases":["CVE-2017-7764"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s8cd-xy2t-vyem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/651?format=json","vulnerability_id":"VCID-u7r9-ukbq-mkb4","summary":"An out-of-bounds read in WebGL with a maliciously crafted ImageInfo object during WebGL operations.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7754.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7754.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7754","reference_id":"","reference_type":"","scores":[{"value":"0.01409","scoring_system":"epss","scoring_elements":"0.80882","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01409","scoring_system":"epss","scoring_elements":"0.80864","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01409","scoring_system":"epss","scoring_elements":"0.80868","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01409","scoring_system":"epss","scoring_elements":"0.8087","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01409","scoring_system":"epss","scoring_elements":"0.8084","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01409","scoring_system":"epss","scoring_elements":"0.80867","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461257","reference_id":"1461257","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461257"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1876?format=json","purl":"pkg:alpm/archlinux/thunderbird@52.2.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.2.0-1"}],"aliases":["CVE-2017-7754"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u7r9-ukbq-mkb4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/652?format=json","vulnerability_id":"VCID-uaga-tye9-gqg1","summary":"A use-after-free and use-after-scope vulnerability when logging errors from headers for XML HTTP Requests (XHR). This could result in a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7756.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7756.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7756","reference_id":"","reference_type":"","scores":[{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83495","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83481","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83492","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83494","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.83467","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01874","scoring_system":"epss","scoring_elements":"0.8349","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461258","reference_id":"1461258","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461258"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1876?format=json","purl":"pkg:alpm/archlinux/thunderbird@52.2.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.2.0-1"}],"aliases":["CVE-2017-7756"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uaga-tye9-gqg1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/654?format=json","vulnerability_id":"VCID-uh5h-t12y-h3b1","summary":"A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1.3.10.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7778.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7778.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7778","reference_id":"","reference_type":"","scores":[{"value":"0.01434","scoring_system":"epss","scoring_elements":"0.81071","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01434","scoring_system":"epss","scoring_elements":"0.81053","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01434","scoring_system":"epss","scoring_elements":"0.81058","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01434","scoring_system":"epss","scoring_elements":"0.81061","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01434","scoring_system":"epss","scoring_elements":"0.81029","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01434","scoring_system":"epss","scoring_elements":"0.81057","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461260","reference_id":"1461260","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461260"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://security.gentoo.org/glsa/201710-13","reference_id":"GLSA-201710-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-13"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1793","reference_id":"RHSA-2017:1793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1793"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"},{"reference_url":"https://usn.ubuntu.com/3398-1/","reference_id":"USN-3398-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3398-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1876?format=json","purl":"pkg:alpm/archlinux/thunderbird@52.2.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.2.0-1"}],"aliases":["CVE-2017-7778"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uh5h-t12y-h3b1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4538?format=json","vulnerability_id":"VCID-wkxh-2hvz-kqhj","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7775.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7775.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472221","reference_id":"1472221","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472221"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://security.gentoo.org/glsa/201710-13","reference_id":"GLSA-201710-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-13"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1793","reference_id":"RHSA-2017:1793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1793"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"},{"reference_url":"https://usn.ubuntu.com/3398-1/","reference_id":"USN-3398-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3398-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1876?format=json","purl":"pkg:alpm/archlinux/thunderbird@52.2.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.2.0-1"}],"aliases":["CVE-2017-7775"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wkxh-2hvz-kqhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/655?format=json","vulnerability_id":"VCID-wxca-7hua-tubu","summary":"An out-of-bounds read vulnerability with the Opus encoder when the number of channels in an audio stream changes while the encoder is in use.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7758.json","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7758.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7758","reference_id":"","reference_type":"","scores":[{"value":"0.01684","scoring_system":"epss","scoring_elements":"0.82576","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01684","scoring_system":"epss","scoring_elements":"0.82545","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01684","scoring_system":"epss","scoring_elements":"0.82572","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01684","scoring_system":"epss","scoring_elements":"0.8257","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01684","scoring_system":"epss","scoring_elements":"0.82563","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461261","reference_id":"1461261","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461261"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1876?format=json","purl":"pkg:alpm/archlinux/thunderbird@52.2.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.2.0-1"}],"aliases":["CVE-2017-7758"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wxca-7hua-tubu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4540?format=json","vulnerability_id":"VCID-zakg-k4hk-fyhm","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7773.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7773.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7773","reference_id":"","reference_type":"","scores":[{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.70381","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.70337","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.7037","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.70388","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.70359","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00618","scoring_system":"epss","scoring_elements":"0.70379","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472215","reference_id":"1472215","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472215"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://security.gentoo.org/glsa/201710-13","reference_id":"GLSA-201710-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-13"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1793","reference_id":"RHSA-2017:1793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1793"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"},{"reference_url":"https://usn.ubuntu.com/3398-1/","reference_id":"USN-3398-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3398-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1876?format=json","purl":"pkg:alpm/archlinux/thunderbird@52.2.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.2.0-1"}],"aliases":["CVE-2017-7773"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zakg-k4hk-fyhm"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.2.0-1"}