{"url":"http://public2.vulnerablecode.io/api/packages/448?format=json","purl":"pkg:mozilla/Firefox%20ESR@52.3.0","type":"mozilla","namespace":"","name":"Firefox ESR","version":"52.3.0","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"52.4.0","latest_non_vulnerable_version":"140.11.0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/593?format=json","vulnerability_id":"VCID-5muy-mca9-rqet","summary":"The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor tool.","references":[{"reference_url":"https://security.archlinux.org/ASA-201708-3","reference_id":"ASA-201708-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-3"},{"reference_url":"https://security.archlinux.org/AVG-375","reference_id":"AVG-375","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-375"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18","reference_id":"mfsa2017-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19","reference_id":"mfsa2017-19","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/448?format=json","purl":"pkg:mozilla/Firefox%20ESR@52.3.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@52.3.0"}],"aliases":["CVE-2017-7798"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5muy-mca9-rqet"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@52.3.0"}