{"url":"http://public2.vulnerablecode.io/api/packages/582211?format=json","purl":"pkg:deb/debian/firefox@51.0-1?distro=sid","type":"deb","namespace":"debian","name":"firefox","version":"51.0-1","qualifiers":{"distro":"sid"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"52.0-1","latest_non_vulnerable_version":"150.0.3-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62903?format=json","vulnerability_id":"VCID-4z19-eyh7-9yf4","summary":"The existence of a specifically requested local file can be found due to the double firing of the onerror when the source attribute on a  <track> tag refers to a file that does not exist if the source page is loaded locally.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5387","reference_id":"","reference_type":"","scores":[{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31434","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31895","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31425","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31433","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31341","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31364","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.32022","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.32063","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31886","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31938","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31967","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31971","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31931","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31897","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.3191","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31882","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31715","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31589","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31504","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31355","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5387"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1295023","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1295023"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"http://www.securityfocus.com/bid/95763","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95763"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5387","reference_id":"CVE-2017-5387","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:P/A:N"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5387"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582211?format=json","purl":"pkg:deb/debian/firefox@51.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@51.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2017-5387"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4z19-eyh7-9yf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41541?format=json","vulnerability_id":"VCID-5n3q-eby7-67de","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5373.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5373.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5373","reference_id":"","reference_type":"","scores":[{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.8297","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82844","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82853","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82858","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82878","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82898","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82919","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82918","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82932","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82714","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.8273","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82744","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82741","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82767","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82774","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.8279","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82785","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82781","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82819","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82822","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5373"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1322315%2C1328834%2C1322420%2C1285833%2C1285960%2C1328251%2C1331058%2C1325938%2C1325877","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1322315%2C1328834%2C1322420%2C1285833%2C1285960%2C1328251%2C1331058%2C1325938%2C1325877"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3771","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3771"},{"reference_url":"https://www.debian.org/security/2017/dsa-3832","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3832"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-02/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-02/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-03/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-03/"},{"reference_url":"http://www.securityfocus.com/bid/95762","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95762"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1415924","reference_id":"1415924","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1415924"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/ASA-201701-40","reference_id":"ASA-201701-40","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-40"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://security.archlinux.org/AVG-158","reference_id":"AVG-158","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-158"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5373","reference_id":"CVE-2017-5373","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5373"},{"reference_url":"https://security.gentoo.org/glsa/201702-13","reference_id":"GLSA-201702-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-13"},{"reference_url":"https://security.gentoo.org/glsa/201702-22","reference_id":"GLSA-201702-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-22"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02","reference_id":"mfsa2017-02","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03","reference_id":"mfsa2017-03","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0190","reference_id":"RHSA-2017:0190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0238","reference_id":"RHSA-2017:0238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0238"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582211?format=json","purl":"pkg:deb/debian/firefox@51.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@51.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2017-5373"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5n3q-eby7-67de"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41545?format=json","vulnerability_id":"VCID-84kk-wfxx-t3c8","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5380.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5380.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5380","reference_id":"","reference_type":"","scores":[{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.8297","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82844","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82853","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82858","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82878","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82898","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82919","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82918","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82932","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82714","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.8273","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82744","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82741","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82767","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82774","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.8279","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82785","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82781","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82819","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82822","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5380"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1322107","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1322107"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3771","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3771"},{"reference_url":"https://www.debian.org/security/2017/dsa-3832","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3832"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-02/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-02/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-03/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-03/"},{"reference_url":"http://www.securityfocus.com/bid/95769","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95769"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416274","reference_id":"1416274","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416274"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/ASA-201701-40","reference_id":"ASA-201701-40","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-40"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://security.archlinux.org/AVG-158","reference_id":"AVG-158","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-158"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5380","reference_id":"CVE-2017-5380","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5380"},{"reference_url":"https://security.gentoo.org/glsa/201702-13","reference_id":"GLSA-201702-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-13"},{"reference_url":"https://security.gentoo.org/glsa/201702-22","reference_id":"GLSA-201702-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-22"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02","reference_id":"mfsa2017-02","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03","reference_id":"mfsa2017-03","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0190","reference_id":"RHSA-2017:0190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0238","reference_id":"RHSA-2017:0238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0238"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582211?format=json","purl":"pkg:deb/debian/firefox@51.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@51.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2017-5380"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-84kk-wfxx-t3c8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62901?format=json","vulnerability_id":"VCID-af6b-4jqc-fugx","summary":"The mozAddonManager allows for the installation of extensions from the CDN for addons.mozilla.org, a publicly accessible site. This could allow malicious extensions to install additional extensions from the CDN in combination with an XSS attack on Mozilla AMO sites.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5393","reference_id":"","reference_type":"","scores":[{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64584","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64322","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64491","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64537","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64507","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64531","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64376","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64405","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64366","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64414","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64429","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64442","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64401","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64435","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64447","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.6444","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.6446","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64474","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64472","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64444","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5393"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1309282","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1309282"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"http://www.securityfocus.com/bid/95763","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95763"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5393","reference_id":"CVE-2017-5393","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5393"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582211?format=json","purl":"pkg:deb/debian/firefox@51.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@51.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2017-5393"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-af6b-4jqc-fugx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62904?format=json","vulnerability_id":"VCID-ahzr-nr7g-5ue2","summary":"A STUN server in conjunction with a large number of webkitRTCPeerConnection objects can be used to send large STUN packets in a short period of time due to a lack of rate limiting being applied on e10s systems, allowing for a denial of service attack.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5388","reference_id":"","reference_type":"","scores":[{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.79764","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.79526","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.79699","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.79717","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.79712","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.79725","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.79532","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.79555","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.79542","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.7957","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.79578","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.79599","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.79583","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.79575","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.79605","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.79604","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.79607","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.79639","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.79646","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.79661","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.79678","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5388"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1281482","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1281482"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"http://www.securityfocus.com/bid/95763","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95763"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5388","reference_id":"CVE-2017-5388","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5388"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582211?format=json","purl":"pkg:deb/debian/firefox@51.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@51.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2017-5388"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ahzr-nr7g-5ue2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41546?format=json","vulnerability_id":"VCID-bjyq-1zfk-eugq","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5383.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5383.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5383","reference_id":"","reference_type":"","scores":[{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85341","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.8523","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85238","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85236","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.8525","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85276","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85296","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.8529","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85305","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85113","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85126","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85143","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85146","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85168","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85176","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.8519","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85188","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85185","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85206","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85208","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02444","scoring_system":"epss","scoring_elements":"0.85207","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5383"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1323338","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1323338"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1324716","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1324716"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3771","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3771"},{"reference_url":"https://www.debian.org/security/2017/dsa-3832","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3832"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-02/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-02/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-03/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-03/"},{"reference_url":"http://www.securityfocus.com/bid/95769","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95769"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416281","reference_id":"1416281","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416281"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/ASA-201701-40","reference_id":"ASA-201701-40","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-40"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://security.archlinux.org/AVG-158","reference_id":"AVG-158","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-158"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5383","reference_id":"CVE-2017-5383","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5383"},{"reference_url":"https://security.gentoo.org/glsa/201702-13","reference_id":"GLSA-201702-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-13"},{"reference_url":"https://security.gentoo.org/glsa/201702-22","reference_id":"GLSA-201702-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-22"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02","reference_id":"mfsa2017-02","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03","reference_id":"mfsa2017-03","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0190","reference_id":"RHSA-2017:0190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0238","reference_id":"RHSA-2017:0238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0238"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582211?format=json","purl":"pkg:deb/debian/firefox@51.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@51.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2017-5383"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bjyq-1zfk-eugq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41543?format=json","vulnerability_id":"VCID-c8p3-ef58-wudt","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5376.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5376.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5376","reference_id":"","reference_type":"","scores":[{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.8297","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82844","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82853","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82858","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82878","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82898","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82919","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82918","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82932","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82714","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.8273","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82744","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82741","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82767","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82774","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.8279","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82785","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82781","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82819","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82822","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5376"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1311687","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1311687"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3771","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3771"},{"reference_url":"https://www.debian.org/security/2017/dsa-3832","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3832"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-02/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-02/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-03/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-03/"},{"reference_url":"http://www.securityfocus.com/bid/95758","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95758"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416272","reference_id":"1416272","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416272"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/ASA-201701-40","reference_id":"ASA-201701-40","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-40"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://security.archlinux.org/AVG-158","reference_id":"AVG-158","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-158"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5376","reference_id":"CVE-2017-5376","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5376"},{"reference_url":"https://security.gentoo.org/glsa/201702-13","reference_id":"GLSA-201702-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-13"},{"reference_url":"https://security.gentoo.org/glsa/201702-22","reference_id":"GLSA-201702-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-22"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02","reference_id":"mfsa2017-02","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03","reference_id":"mfsa2017-03","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0190","reference_id":"RHSA-2017:0190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0238","reference_id":"RHSA-2017:0238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0238"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582211?format=json","purl":"pkg:deb/debian/firefox@51.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@51.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2017-5376"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c8p3-ef58-wudt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62896?format=json","vulnerability_id":"VCID-dv2d-9a59-xkaq","summary":"Proxy Auto-Config (PAC) files can specify a JavaScript function called for all URL requests with the full URL path which exposes more information than would be sent to the proxy itself in the case of HTTPS. Normally the Proxy Auto-Config file is specified by the user or machine owner and presumed to be non-malicious, but if a user has enabled Web Proxy Auto Detect (WPAD) this file can be served remotely.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5384","reference_id":"","reference_type":"","scores":[{"value":"0.00764","scoring_system":"epss","scoring_elements":"0.73591","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00764","scoring_system":"epss","scoring_elements":"0.7337","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00764","scoring_system":"epss","scoring_elements":"0.73501","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00764","scoring_system":"epss","scoring_elements":"0.73526","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00764","scoring_system":"epss","scoring_elements":"0.7355","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00764","scoring_system":"epss","scoring_elements":"0.73532","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00764","scoring_system":"epss","scoring_elements":"0.73378","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00764","scoring_system":"epss","scoring_elements":"0.73402","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00764","scoring_system":"epss","scoring_elements":"0.73374","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00764","scoring_system":"epss","scoring_elements":"0.73411","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00764","scoring_system":"epss","scoring_elements":"0.73425","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00764","scoring_system":"epss","scoring_elements":"0.73448","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00764","scoring_system":"epss","scoring_elements":"0.73428","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00764","scoring_system":"epss","scoring_elements":"0.7342","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00764","scoring_system":"epss","scoring_elements":"0.73463","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00764","scoring_system":"epss","scoring_elements":"0.73471","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00764","scoring_system":"epss","scoring_elements":"0.73466","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00764","scoring_system":"epss","scoring_elements":"0.73498","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00764","scoring_system":"epss","scoring_elements":"0.7351","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00764","scoring_system":"epss","scoring_elements":"0.73507","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5384"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1255474","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1255474"},{"reference_url":"https://www.contextis.com//resources/blog/leaking-https-urls-20-year-old-vulnerability/","reference_id":"","reference_type":"","scores":[],"url":"https://www.contextis.com//resources/blog/leaking-https-urls-20-year-old-vulnerability/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"http://www.securityfocus.com/bid/95763","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95763"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5384","reference_id":"CVE-2017-5384","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5384"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582211?format=json","purl":"pkg:deb/debian/firefox@51.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@51.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2017-5384"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dv2d-9a59-xkaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62894?format=json","vulnerability_id":"VCID-e2ww-ngam-cugq","summary":"The \"export\" function in the Certificate Viewer can force local filesystem navigation when the \"common name\" in a certificate contains slashes, allowing certificate content to be saved in unsafe locations with an arbitrary filename.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5381","reference_id":"","reference_type":"","scores":[{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79628","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79392","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79563","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79581","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79578","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79591","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79399","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79421","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79408","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79436","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79445","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79468","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79452","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79441","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79471","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.7947","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79474","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79506","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79512","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79527","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79541","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5381"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1017616","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1017616"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"http://www.securityfocus.com/bid/95763","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95763"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5381","reference_id":"CVE-2017-5381","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5381"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582211?format=json","purl":"pkg:deb/debian/firefox@51.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@51.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2017-5381"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e2ww-ngam-cugq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41542?format=json","vulnerability_id":"VCID-gcen-3yba-a3ht","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5375.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5375.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5375","reference_id":"","reference_type":"","scores":[{"value":"0.60738","scoring_system":"epss","scoring_elements":"0.98314","published_at":"2026-05-14T12:55:00Z"},{"value":"0.60738","scoring_system":"epss","scoring_elements":"0.983","published_at":"2026-04-21T12:55:00Z"},{"value":"0.60738","scoring_system":"epss","scoring_elements":"0.98301","published_at":"2026-04-18T12:55:00Z"},{"value":"0.60738","scoring_system":"epss","scoring_elements":"0.98303","published_at":"2026-04-29T12:55:00Z"},{"value":"0.60738","scoring_system":"epss","scoring_elements":"0.98305","published_at":"2026-04-26T12:55:00Z"},{"value":"0.60738","scoring_system":"epss","scoring_elements":"0.98307","published_at":"2026-05-07T12:55:00Z"},{"value":"0.60738","scoring_system":"epss","scoring_elements":"0.9831","published_at":"2026-05-09T12:55:00Z"},{"value":"0.60738","scoring_system":"epss","scoring_elements":"0.98309","published_at":"2026-05-11T12:55:00Z"},{"value":"0.60738","scoring_system":"epss","scoring_elements":"0.98312","published_at":"2026-05-12T12:55:00Z"},{"value":"0.60738","scoring_system":"epss","scoring_elements":"0.98279","published_at":"2026-04-01T12:55:00Z"},{"value":"0.60738","scoring_system":"epss","scoring_elements":"0.98281","published_at":"2026-04-02T12:55:00Z"},{"value":"0.60738","scoring_system":"epss","scoring_elements":"0.98284","published_at":"2026-04-04T12:55:00Z"},{"value":"0.60738","scoring_system":"epss","scoring_elements":"0.98285","published_at":"2026-04-07T12:55:00Z"},{"value":"0.60738","scoring_system":"epss","scoring_elements":"0.98289","published_at":"2026-04-08T12:55:00Z"},{"value":"0.60738","scoring_system":"epss","scoring_elements":"0.9829","published_at":"2026-04-09T12:55:00Z"},{"value":"0.60738","scoring_system":"epss","scoring_elements":"0.98294","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5375"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1325200","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1325200"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3771","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3771"},{"reference_url":"https://www.debian.org/security/2017/dsa-3832","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3832"},{"reference_url":"https://www.exploit-db.com/exploits/42327/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/42327/"},{"reference_url":"https://www.exploit-db.com/exploits/44293/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/44293/"},{"reference_url":"https://www.exploit-db.com/exploits/44294/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/44294/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-02/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-02/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-03/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-03/"},{"reference_url":"http://www.securityfocus.com/bid/95757","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95757"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416271","reference_id":"1416271","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416271"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/ASA-201701-40","reference_id":"ASA-201701-40","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-40"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://security.archlinux.org/AVG-158","reference_id":"AVG-158","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-158"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5375","reference_id":"CVE-2017-5375","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5375"},{"reference_url":"https://security.gentoo.org/glsa/201702-13","reference_id":"GLSA-201702-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-13"},{"reference_url":"https://security.gentoo.org/glsa/201702-22","reference_id":"GLSA-201702-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-22"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02","reference_id":"mfsa2017-02","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03","reference_id":"mfsa2017-03","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0190","reference_id":"RHSA-2017:0190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0238","reference_id":"RHSA-2017:0238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0238"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582211?format=json","purl":"pkg:deb/debian/firefox@51.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@51.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2017-5375"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gcen-3yba-a3ht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62891?format=json","vulnerability_id":"VCID-hhtb-ha1v-tffj","summary":"A memory corruption vulnerability in Skia that can occur when using transforms to make gradients, resulting in a potentially exploitable crash.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5377","reference_id":"","reference_type":"","scores":[{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83176","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.82917","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83084","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83104","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83125","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83141","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.82934","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.82946","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.82943","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.82968","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.82975","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.82991","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.82985","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.82981","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.8302","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83024","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83047","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83055","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83062","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5377"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1306883","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1306883"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"http://www.securityfocus.com/bid/95761","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95761"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5377","reference_id":"CVE-2017-5377","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5377"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582211?format=json","purl":"pkg:deb/debian/firefox@51.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@51.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2017-5377"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hhtb-ha1v-tffj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62892?format=json","vulnerability_id":"VCID-htpg-t39z-nbex","summary":"Use-after-free vulnerability in Web Animations when interacting with cycle collection found through fuzzing.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5379","reference_id":"","reference_type":"","scores":[{"value":"0.01753","scoring_system":"epss","scoring_elements":"0.82765","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01753","scoring_system":"epss","scoring_elements":"0.82505","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01753","scoring_system":"epss","scoring_elements":"0.8269","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01753","scoring_system":"epss","scoring_elements":"0.82711","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01753","scoring_system":"epss","scoring_elements":"0.8271","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01753","scoring_system":"epss","scoring_elements":"0.82724","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01753","scoring_system":"epss","scoring_elements":"0.82519","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01753","scoring_system":"epss","scoring_elements":"0.82534","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01753","scoring_system":"epss","scoring_elements":"0.82531","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01753","scoring_system":"epss","scoring_elements":"0.82557","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01753","scoring_system":"epss","scoring_elements":"0.82565","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01753","scoring_system":"epss","scoring_elements":"0.82583","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01753","scoring_system":"epss","scoring_elements":"0.82577","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01753","scoring_system":"epss","scoring_elements":"0.82571","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01753","scoring_system":"epss","scoring_elements":"0.82607","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01753","scoring_system":"epss","scoring_elements":"0.82608","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01753","scoring_system":"epss","scoring_elements":"0.82612","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01753","scoring_system":"epss","scoring_elements":"0.82633","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01753","scoring_system":"epss","scoring_elements":"0.82644","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01753","scoring_system":"epss","scoring_elements":"0.8265","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01753","scoring_system":"epss","scoring_elements":"0.82668","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5379"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1309198","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1309198"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"http://www.securityfocus.com/bid/95763","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95763"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5379","reference_id":"CVE-2017-5379","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5379"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582211?format=json","purl":"pkg:deb/debian/firefox@51.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@51.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2017-5379"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-htpg-t39z-nbex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41548?format=json","vulnerability_id":"VCID-hyhc-qud7-6uax","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5396.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5396.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5396","reference_id":"","reference_type":"","scores":[{"value":"0.01838","scoring_system":"epss","scoring_elements":"0.82982","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01838","scoring_system":"epss","scoring_elements":"0.82943","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01838","scoring_system":"epss","scoring_elements":"0.82878","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01838","scoring_system":"epss","scoring_elements":"0.82947","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01838","scoring_system":"epss","scoring_elements":"0.82952","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01838","scoring_system":"epss","scoring_elements":"0.82936","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01838","scoring_system":"epss","scoring_elements":"0.82929","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01838","scoring_system":"epss","scoring_elements":"0.82904","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01838","scoring_system":"epss","scoring_elements":"0.82907","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01838","scoring_system":"epss","scoring_elements":"0.82895","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03206","scoring_system":"epss","scoring_elements":"0.87153","published_at":"2026-05-14T12:55:00Z"},{"value":"0.03206","scoring_system":"epss","scoring_elements":"0.87052","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03206","scoring_system":"epss","scoring_elements":"0.87057","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03206","scoring_system":"epss","scoring_elements":"0.87059","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03206","scoring_system":"epss","scoring_elements":"0.87078","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03206","scoring_system":"epss","scoring_elements":"0.87094","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03206","scoring_system":"epss","scoring_elements":"0.87111","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03206","scoring_system":"epss","scoring_elements":"0.87106","published_at":"2026-05-11T12:55:00Z"},{"value":"0.03206","scoring_system":"epss","scoring_elements":"0.87121","published_at":"2026-05-12T12:55:00Z"},{"value":"0.03206","scoring_system":"epss","scoring_elements":"0.87035","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03206","scoring_system":"epss","scoring_elements":"0.87032","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5396"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1329403","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1329403"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3771","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3771"},{"reference_url":"https://www.debian.org/security/2017/dsa-3832","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3832"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-02/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-02/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-03/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-03/"},{"reference_url":"http://www.securityfocus.com/bid/95769","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95769"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416280","reference_id":"1416280","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416280"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/ASA-201701-40","reference_id":"ASA-201701-40","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-40"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://security.archlinux.org/AVG-158","reference_id":"AVG-158","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-158"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5396","reference_id":"CVE-2017-5396","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5396"},{"reference_url":"https://security.gentoo.org/glsa/201702-13","reference_id":"GLSA-201702-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-13"},{"reference_url":"https://security.gentoo.org/glsa/201702-22","reference_id":"GLSA-201702-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-22"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02","reference_id":"mfsa2017-02","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03","reference_id":"mfsa2017-03","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0190","reference_id":"RHSA-2017:0190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0238","reference_id":"RHSA-2017:0238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0238"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582211?format=json","purl":"pkg:deb/debian/firefox@51.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@51.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2017-5396"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hyhc-qud7-6uax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41544?format=json","vulnerability_id":"VCID-m59v-ygc2-qucg","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5378.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5378.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5378","reference_id":"","reference_type":"","scores":[{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82497","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82368","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82379","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82383","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.824","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82421","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82443","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82441","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82457","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82241","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82254","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82273","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82268","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82295","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82302","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82322","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82315","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.8231","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82344","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01705","scoring_system":"epss","scoring_elements":"0.82347","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5378"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1312001","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1312001"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1330769","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1330769"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3771","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3771"},{"reference_url":"https://www.debian.org/security/2017/dsa-3832","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3832"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-02/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-02/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-03/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-03/"},{"reference_url":"http://www.securityfocus.com/bid/95769","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95769"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416273","reference_id":"1416273","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416273"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/ASA-201701-40","reference_id":"ASA-201701-40","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-40"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://security.archlinux.org/AVG-158","reference_id":"AVG-158","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-158"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5378","reference_id":"CVE-2017-5378","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5378"},{"reference_url":"https://security.gentoo.org/glsa/201702-13","reference_id":"GLSA-201702-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-13"},{"reference_url":"https://security.gentoo.org/glsa/201702-22","reference_id":"GLSA-201702-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-22"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02","reference_id":"mfsa2017-02","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03","reference_id":"mfsa2017-03","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0190","reference_id":"RHSA-2017:0190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0238","reference_id":"RHSA-2017:0238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0238"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582211?format=json","purl":"pkg:deb/debian/firefox@51.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@51.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2017-5378"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m59v-ygc2-qucg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62899?format=json","vulnerability_id":"VCID-qjs9-h3tt-qucf","summary":"Special about: pages used by web content, such as RSS feeds, can load privileged about: pages in an iframe. If a content-injection bug were found in one of those pages this could allow for potential privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5391","reference_id":"","reference_type":"","scores":[{"value":"0.02446","scoring_system":"epss","scoring_elements":"0.85347","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02446","scoring_system":"epss","scoring_elements":"0.85119","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02446","scoring_system":"epss","scoring_elements":"0.85282","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02446","scoring_system":"epss","scoring_elements":"0.85301","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02446","scoring_system":"epss","scoring_elements":"0.85296","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02446","scoring_system":"epss","scoring_elements":"0.8531","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02446","scoring_system":"epss","scoring_elements":"0.85132","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02446","scoring_system":"epss","scoring_elements":"0.85149","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02446","scoring_system":"epss","scoring_elements":"0.85152","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02446","scoring_system":"epss","scoring_elements":"0.85174","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02446","scoring_system":"epss","scoring_elements":"0.85182","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02446","scoring_system":"epss","scoring_elements":"0.85196","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02446","scoring_system":"epss","scoring_elements":"0.85194","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02446","scoring_system":"epss","scoring_elements":"0.85191","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02446","scoring_system":"epss","scoring_elements":"0.85212","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02446","scoring_system":"epss","scoring_elements":"0.85213","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02446","scoring_system":"epss","scoring_elements":"0.85236","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02446","scoring_system":"epss","scoring_elements":"0.85244","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02446","scoring_system":"epss","scoring_elements":"0.85242","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02446","scoring_system":"epss","scoring_elements":"0.85256","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5391"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1309310","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1309310"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"http://www.securityfocus.com/bid/95763","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95763"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5391","reference_id":"CVE-2017-5391","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5391"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582211?format=json","purl":"pkg:deb/debian/firefox@51.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@51.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2017-5391"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qjs9-h3tt-qucf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62895?format=json","vulnerability_id":"VCID-r34s-64j2-dfff","summary":"Feed preview for RSS feeds can be used to capture errors and exceptions generated by privileged content, allowing for the exposure of internal information not meant to be seen by web content.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5382","reference_id":"","reference_type":"","scores":[{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.76619","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.76388","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.76547","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.76565","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.76552","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.76569","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.76392","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.7642","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.76402","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.76434","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.76448","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.76473","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.76451","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.76446","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.76486","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.7649","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.76477","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.76511","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.76518","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.7653","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.76517","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5382"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1295322","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1295322"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"http://www.securityfocus.com/bid/95763","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95763"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5382","reference_id":"CVE-2017-5382","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5382"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582211?format=json","purl":"pkg:deb/debian/firefox@51.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@51.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2017-5382"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r34s-64j2-dfff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62897?format=json","vulnerability_id":"VCID-r7te-y4n3-1uhj","summary":"Data sent with in multipart channels, such as the multipart/x-mixed-replace MIME type, will ignore the referrer-policy response header, leading to potential information disclosure for sites using this header.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5385","reference_id":"","reference_type":"","scores":[{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.76503","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.76269","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.7643","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.7645","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.76438","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.76453","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.76273","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.76303","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.76283","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.76316","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.76329","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.76356","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.76334","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.7633","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.7637","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.76375","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.76358","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.76392","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.764","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.76412","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.76401","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5385"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1295945","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1295945"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"http://www.securityfocus.com/bid/95763","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95763"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5385","reference_id":"CVE-2017-5385","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5385"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582211?format=json","purl":"pkg:deb/debian/firefox@51.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@51.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2017-5385"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r7te-y4n3-1uhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41547?format=json","vulnerability_id":"VCID-tjjd-y1pq-ckf4","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird,\n    the worst of which could lead to the execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0238.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5390.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5390.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5390","reference_id":"","reference_type":"","scores":[{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.8274","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82607","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82617","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82623","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82643","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82664","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82685","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82684","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82699","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82473","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82487","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82505","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82501","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82528","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82536","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82554","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82549","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82545","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82581","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01748","scoring_system":"epss","scoring_elements":"0.82585","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5390"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1297361","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1297361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3771","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3771"},{"reference_url":"https://www.debian.org/security/2017/dsa-3832","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3832"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-02/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-02/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-03/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-03/"},{"reference_url":"http://www.securityfocus.com/bid/95769","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95769"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416279","reference_id":"1416279","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416279"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/ASA-201701-40","reference_id":"ASA-201701-40","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-40"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://security.archlinux.org/AVG-158","reference_id":"AVG-158","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-158"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5390","reference_id":"CVE-2017-5390","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5390"},{"reference_url":"https://security.gentoo.org/glsa/201702-13","reference_id":"GLSA-201702-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-13"},{"reference_url":"https://security.gentoo.org/glsa/201702-22","reference_id":"GLSA-201702-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-22"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02","reference_id":"mfsa2017-02","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03","reference_id":"mfsa2017-03","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0190","reference_id":"RHSA-2017:0190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0238","reference_id":"RHSA-2017:0238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0238"},{"reference_url":"https://usn.ubuntu.com/3165-1/","reference_id":"USN-3165-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3165-1/"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582211?format=json","purl":"pkg:deb/debian/firefox@51.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@51.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2017-5390"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tjjd-y1pq-ckf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62905?format=json","vulnerability_id":"VCID-u1nc-fgsw-mkhc","summary":"Mozilla developers and community members Gary Kwong, Olli Pettay, Tooru Fujisawa, Carsten Book, Andrew McCreight, Chris Pearce, Ronald Crane, Jan de Mooij, Julian Seward, Nicolas Pierron, Randell Jesup, Esther Monchari, Honza Bambas, and Philipp reported memory safety bugs present in Firefox 50.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5374","reference_id":"","reference_type":"","scores":[{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83176","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.82917","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83084","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83104","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83125","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83141","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.82934","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.82946","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.82943","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.82968","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.82975","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.82991","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.82985","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.82981","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.8302","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83024","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83047","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83055","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83062","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5374"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1325344%2C1317501%2C1311319%2C1329989%2C1300145%2C1322305%2C1288561%2C1295747%2C1318766%2C1297808%2C1321374%2C1324810%2C1313385%2C1319888%2C1302231%2C1307458%2C1293327%2C1315447%2C1319456","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1325344%2C1317501%2C1311319%2C1329989%2C1300145%2C1322305%2C1288561%2C1295747%2C1318766%2C1297808%2C1321374%2C1324810%2C1313385%2C1319888%2C1302231%2C1307458%2C1293327%2C1315447%2C1319456"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"http://www.securityfocus.com/bid/95759","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95759"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5374","reference_id":"CVE-2017-5374","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5374"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582211?format=json","purl":"pkg:deb/debian/firefox@51.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@51.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2017-5374"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u1nc-fgsw-mkhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62893?format=json","vulnerability_id":"VCID-vnuz-wp96-pqgt","summary":"WebExtensions could use the mozAddonManager API by modifying the CSP headers on sites with the appropriate permissions and then using host requests to redirect script loads to a malicious site. This allows a malicious extension to then install additional extensions without explicit user permission.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5389","reference_id":"","reference_type":"","scores":[{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.592","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.58975","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59039","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59145","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59101","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59129","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.5905","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59072","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59037","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59088","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59094","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59112","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59075","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59111","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59116","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59095","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59076","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59093","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.5908","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5389"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1308688","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1308688"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"http://www.securityfocus.com/bid/95763","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95763"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5389","reference_id":"CVE-2017-5389","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5389"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582211?format=json","purl":"pkg:deb/debian/firefox@51.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@51.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2017-5389"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vnuz-wp96-pqgt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62555?format=json","vulnerability_id":"VCID-vtwg-jhr9-nydc","summary":"Multiple vulnerabilities have been found in Mozilla Firefox, the\n    worst of which may allow execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0190.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5386.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5386.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5386","reference_id":"","reference_type":"","scores":[{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.78973","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.78866","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.78884","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.78906","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.78919","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.78916","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.78935","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.78741","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.78748","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.7878","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.78762","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.78787","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.78795","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.78818","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.78801","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.78792","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.7882","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.78814","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.78843","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.78849","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5386"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1319070","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1319070"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3771","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3771"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-01/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-01/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2017-02/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2017-02/"},{"reference_url":"http://www.securityfocus.com/bid/95769","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/95769"},{"reference_url":"http://www.securitytracker.com/id/1037693","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1037693"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416282","reference_id":"1416282","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416282"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5386","reference_id":"CVE-2017-5386","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5386"},{"reference_url":"https://security.gentoo.org/glsa/201702-22","reference_id":"GLSA-201702-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201702-22"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02","reference_id":"mfsa2017-02","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0190","reference_id":"RHSA-2017:0190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0190"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582211?format=json","purl":"pkg:deb/debian/firefox@51.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@51.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105248?format=json","purl":"pkg:deb/debian/firefox@150.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1112518?format=json","purl":"pkg:deb/debian/firefox@150.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"}],"aliases":["CVE-2017-5386"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vtwg-jhr9-nydc"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@51.0-1%3Fdistro=sid"}