Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/firefox@56.0-1?distro=sid

Type deb

Namespace debian

Name firefox

Version 56.0-1

Qualifiers

distro	sid

Subpath

Is_vulnerable false

Next_non_vulnerable_version 57.0-1

Latest_non_vulnerable_version 149.0.2-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-cxxg-uk18-pqhq

vulnerability_id VCID-cxxg-uk18-pqhq

summary A vulnerability where WebExtensions can download and attempt to open a file of some non-executable file types. This can be triggered without specific user interaction for the file download and open actions. This could be used to trigger known vulnerabilities in the programs that handle those document types.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7821

reference_id

reference_type

scores

value	0.02595
scoring_system	epss
scoring_elements	0.85597
published_at	2026-04-13T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.85525
published_at	2026-04-01T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.85591
published_at	2026-04-09T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.85605
published_at	2026-04-11T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.85601
published_at	2026-04-12T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.85537
published_at	2026-04-02T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.85555
published_at	2026-04-04T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.8556
published_at	2026-04-07T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.8558
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7821

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1346515
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1346515

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-21/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-21/

reference_url	http://www.securityfocus.com/bid/101057
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101057

reference_url	http://www.securitytracker.com/id/1039465
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039465

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-7821

reference_id

CVE-2017-7821

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-7821

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_id

mfsa2017-21

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_url	https://usn.ubuntu.com/3435-1/
reference_id	USN-3435-1
reference_type
scores
url	https://usn.ubuntu.com/3435-1/

fixed_packages

url	pkg:deb/debian/firefox@56.0-1?distro=sid
purl	pkg:deb/debian/firefox@56.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@56.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2017-7821

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cxxg-uk18-pqhq

url VCID-dh3c-g3k3-zkb7

vulnerability_id VCID-dh3c-g3k3-zkb7

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7805.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7805.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7805

reference_id

reference_type

scores

value	0.03211
scoring_system	epss
scoring_elements	0.8703
published_at	2026-04-13T12:55:00Z

value	0.03851
scoring_system	epss
scoring_elements	0.88141
published_at	2026-04-01T12:55:00Z

value	0.03851
scoring_system	epss
scoring_elements	0.88207
published_at	2026-04-11T12:55:00Z

value	0.03851
scoring_system	epss
scoring_elements	0.88197
published_at	2026-04-09T12:55:00Z

value	0.03851
scoring_system	epss
scoring_elements	0.88191
published_at	2026-04-08T12:55:00Z

value	0.03851
scoring_system	epss
scoring_elements	0.88149
published_at	2026-04-02T12:55:00Z

value	0.03851
scoring_system	epss
scoring_elements	0.88199
published_at	2026-04-12T12:55:00Z

value	0.03851
scoring_system	epss
scoring_elements	0.88166
published_at	2026-04-04T12:55:00Z

value	0.03851
scoring_system	epss
scoring_elements	0.88171
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7805

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1377618
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1377618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7810
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7810

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7814

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7818
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7818

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7819
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7819

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7823
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7823

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7824
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7824

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:S/C:C/I:C/A:C

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2017/11/msg00000.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/11/msg00000.html

reference_url	https://www.debian.org/security/2017/dsa-3987
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3987

reference_url	https://www.debian.org/security/2017/dsa-3998
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3998

reference_url	https://www.debian.org/security/2017/dsa-4014
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-4014

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-21/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-21/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-22/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-22/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-23/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-23/

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

reference_url	http://www.securityfocus.com/bid/101059
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101059

reference_url	http://www.securitytracker.com/id/1039465
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039465

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1471171
reference_id	1471171
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1471171

reference_url	https://security.archlinux.org/ASA-201710-19
reference_id	ASA-201710-19
reference_type
scores
url	https://security.archlinux.org/ASA-201710-19

reference_url

https://security.archlinux.org/AVG-441

reference_id

AVG-441

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-441

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:52.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:52.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:52.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:56.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:56.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:56.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:52.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:thunderbird:52.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:52.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-7805

reference_id

CVE-2017-7805

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-7805

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_id

mfsa2017-21

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-22

reference_id

mfsa2017-22

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-22

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-23

reference_id

mfsa2017-23

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-23

reference_url	https://access.redhat.com/errata/RHSA-2017:2832
reference_id	RHSA-2017:2832
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2832

reference_url	https://usn.ubuntu.com/3431-1/
reference_id	USN-3431-1
reference_type
scores
url	https://usn.ubuntu.com/3431-1/

reference_url	https://usn.ubuntu.com/3435-1/
reference_id	USN-3435-1
reference_type
scores
url	https://usn.ubuntu.com/3435-1/

reference_url	https://usn.ubuntu.com/3436-1/
reference_id	USN-3436-1
reference_type
scores
url	https://usn.ubuntu.com/3436-1/

fixed_packages

url	pkg:deb/debian/firefox@56.0-1?distro=sid
purl	pkg:deb/debian/firefox@56.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@56.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2017-7805

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dh3c-g3k3-zkb7

url VCID-dydk-9hwf-4ka4

vulnerability_id VCID-dydk-9hwf-4ka4

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7793.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7793.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7793

reference_id

reference_type

scores

value	0.02442
scoring_system	epss
scoring_elements	0.8518
published_at	2026-04-13T12:55:00Z

value	0.02442
scoring_system	epss
scoring_elements	0.85183
published_at	2026-04-12T12:55:00Z

value	0.02442
scoring_system	epss
scoring_elements	0.85108
published_at	2026-04-01T12:55:00Z

value	0.02442
scoring_system	epss
scoring_elements	0.85185
published_at	2026-04-11T12:55:00Z

value	0.02442
scoring_system	epss
scoring_elements	0.85171
published_at	2026-04-09T12:55:00Z

value	0.02442
scoring_system	epss
scoring_elements	0.85163
published_at	2026-04-08T12:55:00Z

value	0.02442
scoring_system	epss
scoring_elements	0.8512
published_at	2026-04-02T12:55:00Z

value	0.02442
scoring_system	epss
scoring_elements	0.85137
published_at	2026-04-04T12:55:00Z

value	0.02442
scoring_system	epss
scoring_elements	0.85141
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7793

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1371889
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1371889

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7810
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7810

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7814

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7818
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7818

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7819
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7819

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7823
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7823

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7824
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7824

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:C/I:C/A:C

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2017/11/msg00000.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/11/msg00000.html

reference_url	https://www.debian.org/security/2017/dsa-3987
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3987

reference_url	https://www.debian.org/security/2017/dsa-4014
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-4014

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-21/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-21/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-22/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-22/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-23/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-23/

reference_url	http://www.securityfocus.com/bid/101055
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101055

reference_url	http://www.securitytracker.com/id/1039465
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039465

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1496649
reference_id	1496649
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1496649

reference_url	https://security.archlinux.org/ASA-201710-19
reference_id	ASA-201710-19
reference_type
scores
url	https://security.archlinux.org/ASA-201710-19

reference_url

https://security.archlinux.org/AVG-441

reference_id

AVG-441

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-441

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-7793

reference_id

CVE-2017-7793

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-7793

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_id

mfsa2017-21

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-22

reference_id

mfsa2017-22

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-22

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-23

reference_id

mfsa2017-23

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-23

reference_url	https://access.redhat.com/errata/RHSA-2017:2831
reference_id	RHSA-2017:2831
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2831

reference_url	https://access.redhat.com/errata/RHSA-2017:2885
reference_id	RHSA-2017:2885
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2885

reference_url	https://usn.ubuntu.com/3435-1/
reference_id	USN-3435-1
reference_type
scores
url	https://usn.ubuntu.com/3435-1/

reference_url	https://usn.ubuntu.com/3436-1/
reference_id	USN-3436-1
reference_type
scores
url	https://usn.ubuntu.com/3436-1/

fixed_packages

url	pkg:deb/debian/firefox@56.0-1?distro=sid
purl	pkg:deb/debian/firefox@56.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@56.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2017-7793

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dydk-9hwf-4ka4

url VCID-e36h-6n36-puht

vulnerability_id VCID-e36h-6n36-puht

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7814.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7814.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7814

reference_id

reference_type

scores

value	0.00319
scoring_system	epss
scoring_elements	0.54959
published_at	2026-04-13T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54983
published_at	2026-04-12T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54874
published_at	2026-04-01T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.55001
published_at	2026-04-11T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54988
published_at	2026-04-09T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.5499
published_at	2026-04-08T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54945
published_at	2026-04-02T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54971
published_at	2026-04-04T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.5494
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7814

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1376036
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1376036

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7810
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7810

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7814

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7818
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7818

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7819
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7819

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7823
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7823

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7824
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7824

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:N

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2017/11/msg00000.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/11/msg00000.html

reference_url	https://www.debian.org/security/2017/dsa-3987
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3987

reference_url	https://www.debian.org/security/2017/dsa-4014
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-4014

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-21/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-21/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-22/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-22/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-23/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-23/

reference_url	http://www.securityfocus.com/bid/101059
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101059

reference_url	http://www.securitytracker.com/id/1039465
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039465

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1496652
reference_id	1496652
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1496652

reference_url	https://security.archlinux.org/ASA-201710-19
reference_id	ASA-201710-19
reference_type
scores
url	https://security.archlinux.org/ASA-201710-19

reference_url

https://security.archlinux.org/AVG-441

reference_id

AVG-441

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-441

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-7814

reference_id

CVE-2017-7814

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-7814

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_id

mfsa2017-21

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-22

reference_id

mfsa2017-22

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-22

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-23

reference_id

mfsa2017-23

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-23

reference_url	https://access.redhat.com/errata/RHSA-2017:2831
reference_id	RHSA-2017:2831
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2831

reference_url	https://access.redhat.com/errata/RHSA-2017:2885
reference_id	RHSA-2017:2885
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2885

reference_url	https://usn.ubuntu.com/3435-1/
reference_id	USN-3435-1
reference_type
scores
url	https://usn.ubuntu.com/3435-1/

reference_url	https://usn.ubuntu.com/3436-1/
reference_id	USN-3436-1
reference_type
scores
url	https://usn.ubuntu.com/3436-1/

fixed_packages

url	pkg:deb/debian/firefox@56.0-1?distro=sid
purl	pkg:deb/debian/firefox@56.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@56.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2017-7814

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e36h-6n36-puht

url VCID-kvxt-7wyx-dfbr

vulnerability_id VCID-kvxt-7wyx-dfbr

summary WebExtensions could use popups and panels in the extension UI to load an about: privileged URL, violating security checks that disallow this behavior.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7816

reference_id

reference_type

scores

value	0.00272
scoring_system	epss
scoring_elements	0.50654
published_at	2026-04-12T12:55:00Z

value	0.00272
scoring_system	epss
scoring_elements	0.5055
published_at	2026-04-01T12:55:00Z

value	0.00272
scoring_system	epss
scoring_elements	0.50638
published_at	2026-04-13T12:55:00Z

value	0.00272
scoring_system	epss
scoring_elements	0.50634
published_at	2026-04-09T12:55:00Z

value	0.00272
scoring_system	epss
scoring_elements	0.50676
published_at	2026-04-11T12:55:00Z

value	0.00272
scoring_system	epss
scoring_elements	0.50602
published_at	2026-04-02T12:55:00Z

value	0.00272
scoring_system	epss
scoring_elements	0.5063
published_at	2026-04-04T12:55:00Z

value	0.00272
scoring_system	epss
scoring_elements	0.50583
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7816

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1380597
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1380597

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-21/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-21/

reference_url	http://www.securityfocus.com/bid/101057
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101057

reference_url	http://www.securitytracker.com/id/1039465
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039465

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-7816

reference_id

CVE-2017-7816

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-7816

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_id

mfsa2017-21

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_url	https://usn.ubuntu.com/3435-1/
reference_id	USN-3435-1
reference_type
scores
url	https://usn.ubuntu.com/3435-1/

fixed_packages

url	pkg:deb/debian/firefox@56.0-1?distro=sid
purl	pkg:deb/debian/firefox@56.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@56.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2017-7816

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kvxt-7wyx-dfbr

url VCID-m3w6-89ms-z3fk

vulnerability_id VCID-m3w6-89ms-z3fk

summary The AES-GCM implementation in WebCrypto API accepts 0-length IV when it should require a length of 1 according to the NIST Special Publication 800-38D specification. This might allow for the authentication key to be determined in some instances.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7822

reference_id

reference_type

scores

value	0.00451
scoring_system	epss
scoring_elements	0.63708
published_at	2026-04-12T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63723
published_at	2026-04-11T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63675
published_at	2026-04-13T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63709
published_at	2026-04-09T12:55:00Z

value	0.00612
scoring_system	epss
scoring_elements	0.698
published_at	2026-04-08T12:55:00Z

value	0.00612
scoring_system	epss
scoring_elements	0.69752
published_at	2026-04-07T12:55:00Z

value	0.00612
scoring_system	epss
scoring_elements	0.69748
published_at	2026-04-01T12:55:00Z

value	0.00612
scoring_system	epss
scoring_elements	0.6976
published_at	2026-04-02T12:55:00Z

value	0.00612
scoring_system	epss
scoring_elements	0.69776
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7822

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1368859
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1368859

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-21/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-21/

reference_url	http://www.securityfocus.com/bid/101057
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101057

reference_url	http://www.securitytracker.com/id/1039465
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039465

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-7822

reference_id

CVE-2017-7822

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-7822

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_id

mfsa2017-21

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_url	https://usn.ubuntu.com/3435-1/
reference_id	USN-3435-1
reference_type
scores
url	https://usn.ubuntu.com/3435-1/

fixed_packages

url	pkg:deb/debian/firefox@56.0-1?distro=sid
purl	pkg:deb/debian/firefox@56.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@56.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2017-7822

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m3w6-89ms-z3fk

url VCID-nfr9-wq4n-97df

vulnerability_id VCID-nfr9-wq4n-97df

summary If web content on a page is dragged onto portions of the browser UI, such as the tab bar, links can be opened that otherwise would not be allowed to open. This can allow malicious web content to open a locally stored file through file: URLs.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7812

reference_id

reference_type

scores

value	0.00272
scoring_system	epss
scoring_elements	0.50654
published_at	2026-04-12T12:55:00Z

value	0.00272
scoring_system	epss
scoring_elements	0.5055
published_at	2026-04-01T12:55:00Z

value	0.00272
scoring_system	epss
scoring_elements	0.50638
published_at	2026-04-13T12:55:00Z

value	0.00272
scoring_system	epss
scoring_elements	0.50634
published_at	2026-04-09T12:55:00Z

value	0.00272
scoring_system	epss
scoring_elements	0.50676
published_at	2026-04-11T12:55:00Z

value	0.00272
scoring_system	epss
scoring_elements	0.50602
published_at	2026-04-02T12:55:00Z

value	0.00272
scoring_system	epss
scoring_elements	0.5063
published_at	2026-04-04T12:55:00Z

value	0.00272
scoring_system	epss
scoring_elements	0.50583
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7812

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1379842
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1379842

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-21/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-21/

reference_url	http://www.securityfocus.com/bid/101057
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101057

reference_url	http://www.securitytracker.com/id/1039465
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039465

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-7812

reference_id

CVE-2017-7812

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-7812

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_id

mfsa2017-21

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_url	https://usn.ubuntu.com/3435-1/
reference_id	USN-3435-1
reference_type
scores
url	https://usn.ubuntu.com/3435-1/

fixed_packages

url	pkg:deb/debian/firefox@56.0-1?distro=sid
purl	pkg:deb/debian/firefox@56.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@56.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2017-7812

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nfr9-wq4n-97df

url VCID-qwvy-9yec-dybk

vulnerability_id VCID-qwvy-9yec-dybk

summary The instanceof operator can bypass the Xray wrapper mechanism. When called on web content from the browser itself or an extension the web content can provide its own result for that operator, possibly tricking the browser or extension into mishandling the element.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7820

reference_id

reference_type

scores

value	0.00807
scoring_system	epss
scoring_elements	0.74178
published_at	2026-04-13T12:55:00Z

value	0.00807
scoring_system	epss
scoring_elements	0.7413
published_at	2026-04-01T12:55:00Z

value	0.00807
scoring_system	epss
scoring_elements	0.74181
published_at	2026-04-09T12:55:00Z

value	0.00807
scoring_system	epss
scoring_elements	0.74202
published_at	2026-04-11T12:55:00Z

value	0.00807
scoring_system	epss
scoring_elements	0.74185
published_at	2026-04-12T12:55:00Z

value	0.00807
scoring_system	epss
scoring_elements	0.74135
published_at	2026-04-02T12:55:00Z

value	0.00807
scoring_system	epss
scoring_elements	0.74161
published_at	2026-04-04T12:55:00Z

value	0.00807
scoring_system	epss
scoring_elements	0.74133
published_at	2026-04-07T12:55:00Z

value	0.00807
scoring_system	epss
scoring_elements	0.74166
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7820

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1378207
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1378207

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-21/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-21/

reference_url	http://www.securityfocus.com/bid/101057
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101057

reference_url	http://www.securitytracker.com/id/1039465
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039465

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-7820

reference_id

CVE-2017-7820

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-7820

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_id

mfsa2017-21

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_url	https://usn.ubuntu.com/3435-1/
reference_id	USN-3435-1
reference_type
scores
url	https://usn.ubuntu.com/3435-1/

fixed_packages

url	pkg:deb/debian/firefox@56.0-1?distro=sid
purl	pkg:deb/debian/firefox@56.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@56.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2017-7820

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qwvy-9yec-dybk

url VCID-u584-a1yu-jqcf

vulnerability_id VCID-u584-a1yu-jqcf

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7824.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7824.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7824

reference_id

reference_type

scores

value	0.12063
scoring_system	epss
scoring_elements	0.93787
published_at	2026-04-13T12:55:00Z

value	0.12063
scoring_system	epss
scoring_elements	0.93786
published_at	2026-04-11T12:55:00Z

value	0.12063
scoring_system	epss
scoring_elements	0.93748
published_at	2026-04-01T12:55:00Z

value	0.12063
scoring_system	epss
scoring_elements	0.93782
published_at	2026-04-09T12:55:00Z

value	0.12063
scoring_system	epss
scoring_elements	0.9378
published_at	2026-04-08T12:55:00Z

value	0.12063
scoring_system	epss
scoring_elements	0.93771
published_at	2026-04-07T12:55:00Z

value	0.12063
scoring_system	epss
scoring_elements	0.93757
published_at	2026-04-02T12:55:00Z

value	0.12063
scoring_system	epss
scoring_elements	0.93767
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7824

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1398381
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1398381

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7810
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7810

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7814

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7818
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7818

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7819
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7819

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7823
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7823

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7824
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7824

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:C/I:C/A:C

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2017/11/msg00000.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/11/msg00000.html

reference_url	https://www.debian.org/security/2017/dsa-3987
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3987

reference_url	https://www.debian.org/security/2017/dsa-4014
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-4014

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-21/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-21/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-22/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-22/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-23/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-23/

reference_url	http://www.securityfocus.com/bid/101053
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101053

reference_url	http://www.securitytracker.com/id/1039465
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039465

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1496656
reference_id	1496656
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1496656

reference_url	https://security.archlinux.org/ASA-201710-19
reference_id	ASA-201710-19
reference_type
scores
url	https://security.archlinux.org/ASA-201710-19

reference_url

https://security.archlinux.org/AVG-441

reference_id

AVG-441

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-441

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-7824

reference_id

CVE-2017-7824

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-7824

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_id

mfsa2017-21

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-22

reference_id

mfsa2017-22

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-22

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-23

reference_id

mfsa2017-23

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-23

reference_url	https://access.redhat.com/errata/RHSA-2017:2831
reference_id	RHSA-2017:2831
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2831

reference_url	https://access.redhat.com/errata/RHSA-2017:2885
reference_id	RHSA-2017:2885
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2885

reference_url	https://usn.ubuntu.com/3435-1/
reference_id	USN-3435-1
reference_type
scores
url	https://usn.ubuntu.com/3435-1/

reference_url	https://usn.ubuntu.com/3436-1/
reference_id	USN-3436-1
reference_type
scores
url	https://usn.ubuntu.com/3436-1/

fixed_packages

url	pkg:deb/debian/firefox@56.0-1?distro=sid
purl	pkg:deb/debian/firefox@56.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@56.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2017-7824

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u584-a1yu-jqcf

url VCID-u8sk-mm4g-ffem

vulnerability_id VCID-u8sk-mm4g-ffem

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7823.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7823.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7823

reference_id

reference_type

scores

value	0.01416
scoring_system	epss
scoring_elements	0.80556
published_at	2026-04-13T12:55:00Z

value	0.01416
scoring_system	epss
scoring_elements	0.80564
published_at	2026-04-12T12:55:00Z

value	0.01416
scoring_system	epss
scoring_elements	0.80503
published_at	2026-04-01T12:55:00Z

value	0.01416
scoring_system	epss
scoring_elements	0.80577
published_at	2026-04-11T12:55:00Z

value	0.01416
scoring_system	epss
scoring_elements	0.8056
published_at	2026-04-09T12:55:00Z

value	0.01416
scoring_system	epss
scoring_elements	0.8055
published_at	2026-04-08T12:55:00Z

value	0.01416
scoring_system	epss
scoring_elements	0.80509
published_at	2026-04-02T12:55:00Z

value	0.01416
scoring_system	epss
scoring_elements	0.80531
published_at	2026-04-04T12:55:00Z

value	0.01416
scoring_system	epss
scoring_elements	0.80521
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7823

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1396320
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1396320

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7810
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7810

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7814

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7818
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7818

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7819
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7819

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7823
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7823

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7824
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7824

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:N

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2017/11/msg00000.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/11/msg00000.html

reference_url	https://www.debian.org/security/2017/dsa-3987
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3987

reference_url	https://www.debian.org/security/2017/dsa-4014
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-4014

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-21/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-21/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-22/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-22/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-23/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-23/

reference_url	http://www.securityfocus.com/bid/101059
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101059

reference_url	http://www.securitytracker.com/id/1039465
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039465

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1496655
reference_id	1496655
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1496655

reference_url	https://security.archlinux.org/ASA-201710-19
reference_id	ASA-201710-19
reference_type
scores
url	https://security.archlinux.org/ASA-201710-19

reference_url

https://security.archlinux.org/AVG-441

reference_id

AVG-441

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-441

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-7823

reference_id

CVE-2017-7823

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-7823

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_id

mfsa2017-21

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-22

reference_id

mfsa2017-22

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-22

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-23

reference_id

mfsa2017-23

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-23

reference_url	https://access.redhat.com/errata/RHSA-2017:2831
reference_id	RHSA-2017:2831
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2831

reference_url	https://access.redhat.com/errata/RHSA-2017:2885
reference_id	RHSA-2017:2885
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2885

reference_url	https://usn.ubuntu.com/3435-1/
reference_id	USN-3435-1
reference_type
scores
url	https://usn.ubuntu.com/3435-1/

reference_url	https://usn.ubuntu.com/3436-1/
reference_id	USN-3436-1
reference_type
scores
url	https://usn.ubuntu.com/3436-1/

fixed_packages

url	pkg:deb/debian/firefox@56.0-1?distro=sid
purl	pkg:deb/debian/firefox@56.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@56.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2017-7823

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u8sk-mm4g-ffem

url VCID-wfn6-c2ap-y3g4

vulnerability_id VCID-wfn6-c2ap-y3g4

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7810.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7810.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7810

reference_id

reference_type

scores

value	0.02388
scoring_system	epss
scoring_elements	0.85012
published_at	2026-04-13T12:55:00Z

value	0.02388
scoring_system	epss
scoring_elements	0.85015
published_at	2026-04-12T12:55:00Z

value	0.02388
scoring_system	epss
scoring_elements	0.84936
published_at	2026-04-01T12:55:00Z

value	0.02388
scoring_system	epss
scoring_elements	0.85017
published_at	2026-04-11T12:55:00Z

value	0.02388
scoring_system	epss
scoring_elements	0.85001
published_at	2026-04-09T12:55:00Z

value	0.02388
scoring_system	epss
scoring_elements	0.84994
published_at	2026-04-08T12:55:00Z

value	0.02388
scoring_system	epss
scoring_elements	0.8495
published_at	2026-04-02T12:55:00Z

value	0.02388
scoring_system	epss
scoring_elements	0.84967
published_at	2026-04-04T12:55:00Z

value	0.02388
scoring_system	epss
scoring_elements	0.84971
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7810

reference_url	https://bugzilla.mozilla.org/buglist.cgi?bug_id=1386787%2C1389974%2C1371657%2C1360334%2C1390550%2C1380824%2C1387918%2C1395598
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/buglist.cgi?bug_id=1386787%2C1389974%2C1371657%2C1360334%2C1390550%2C1380824%2C1387918%2C1395598

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7810
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7810

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7814

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7818
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7818

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7819
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7819

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7823
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7823

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7824
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7824

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	10
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2017/11/msg00000.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/11/msg00000.html

reference_url	https://www.debian.org/security/2017/dsa-3987
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3987

reference_url	https://www.debian.org/security/2017/dsa-4014
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-4014

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-21/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-21/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-22/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-22/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-23/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-23/

reference_url	http://www.securityfocus.com/bid/101054
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101054

reference_url	http://www.securitytracker.com/id/1039465
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039465

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1496651
reference_id	1496651
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1496651

reference_url	https://security.archlinux.org/ASA-201710-19
reference_id	ASA-201710-19
reference_type
scores
url	https://security.archlinux.org/ASA-201710-19

reference_url

https://security.archlinux.org/AVG-441

reference_id

AVG-441

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-441

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-7810

reference_id

CVE-2017-7810

reference_type

scores

value	10.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-7810

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_id

mfsa2017-21

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-22

reference_id

mfsa2017-22

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-22

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-23

reference_id

mfsa2017-23

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-23

reference_url	https://access.redhat.com/errata/RHSA-2017:2831
reference_id	RHSA-2017:2831
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2831

reference_url	https://access.redhat.com/errata/RHSA-2017:2885
reference_id	RHSA-2017:2885
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2885

reference_url	https://usn.ubuntu.com/3435-1/
reference_id	USN-3435-1
reference_type
scores
url	https://usn.ubuntu.com/3435-1/

reference_url	https://usn.ubuntu.com/3436-1/
reference_id	USN-3436-1
reference_type
scores
url	https://usn.ubuntu.com/3436-1/

reference_url	https://usn.ubuntu.com/3688-1/
reference_id	USN-3688-1
reference_type
scores
url	https://usn.ubuntu.com/3688-1/

fixed_packages

url	pkg:deb/debian/firefox@56.0-1?distro=sid
purl	pkg:deb/debian/firefox@56.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@56.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2017-7810

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wfn6-c2ap-y3g4

url VCID-yaz5-6485-u7c1

vulnerability_id VCID-yaz5-6485-u7c1

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7818.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7818.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7818

reference_id

reference_type

scores

value	0.06919
scoring_system	epss
scoring_elements	0.91407
published_at	2026-04-13T12:55:00Z

value	0.06919
scoring_system	epss
scoring_elements	0.91408
published_at	2026-04-12T12:55:00Z

value	0.06919
scoring_system	epss
scoring_elements	0.91356
published_at	2026-04-01T12:55:00Z

value	0.06919
scoring_system	epss
scoring_elements	0.91405
published_at	2026-04-11T12:55:00Z

value	0.06919
scoring_system	epss
scoring_elements	0.91399
published_at	2026-04-09T12:55:00Z

value	0.06919
scoring_system	epss
scoring_elements	0.91392
published_at	2026-04-08T12:55:00Z

value	0.06919
scoring_system	epss
scoring_elements	0.91362
published_at	2026-04-02T12:55:00Z

value	0.06919
scoring_system	epss
scoring_elements	0.91372
published_at	2026-04-04T12:55:00Z

value	0.06919
scoring_system	epss
scoring_elements	0.91379
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7818

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1363723
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1363723

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7810
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7810

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7814

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7818
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7818

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7819
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7819

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7823
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7823

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7824
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7824

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:C/I:C/A:C

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2017/11/msg00000.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/11/msg00000.html

reference_url	https://www.debian.org/security/2017/dsa-3987
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3987

reference_url	https://www.debian.org/security/2017/dsa-4014
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-4014

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-21/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-21/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-22/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-22/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-23/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-23/

reference_url	http://www.securityfocus.com/bid/101055
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101055

reference_url	http://www.securitytracker.com/id/1039465
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039465

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1496653
reference_id	1496653
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1496653

reference_url	https://security.archlinux.org/ASA-201710-19
reference_id	ASA-201710-19
reference_type
scores
url	https://security.archlinux.org/ASA-201710-19

reference_url

https://security.archlinux.org/AVG-441

reference_id

AVG-441

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-441

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-7818

reference_id

CVE-2017-7818

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-7818

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_id

mfsa2017-21

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-22

reference_id

mfsa2017-22

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-22

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-23

reference_id

mfsa2017-23

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-23

reference_url	https://access.redhat.com/errata/RHSA-2017:2831
reference_id	RHSA-2017:2831
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2831

reference_url	https://access.redhat.com/errata/RHSA-2017:2885
reference_id	RHSA-2017:2885
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2885

reference_url	https://usn.ubuntu.com/3435-1/
reference_id	USN-3435-1
reference_type
scores
url	https://usn.ubuntu.com/3435-1/

reference_url	https://usn.ubuntu.com/3436-1/
reference_id	USN-3436-1
reference_type
scores
url	https://usn.ubuntu.com/3436-1/

fixed_packages

url	pkg:deb/debian/firefox@56.0-1?distro=sid
purl	pkg:deb/debian/firefox@56.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@56.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2017-7818

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yaz5-6485-u7c1

url VCID-ykzd-mar6-r3c5

vulnerability_id VCID-ykzd-mar6-r3c5

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7819.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7819.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7819

reference_id

reference_type

scores

value	0.06919
scoring_system	epss
scoring_elements	0.91407
published_at	2026-04-13T12:55:00Z

value	0.06919
scoring_system	epss
scoring_elements	0.91408
published_at	2026-04-12T12:55:00Z

value	0.06919
scoring_system	epss
scoring_elements	0.91356
published_at	2026-04-01T12:55:00Z

value	0.06919
scoring_system	epss
scoring_elements	0.91405
published_at	2026-04-11T12:55:00Z

value	0.06919
scoring_system	epss
scoring_elements	0.91399
published_at	2026-04-09T12:55:00Z

value	0.06919
scoring_system	epss
scoring_elements	0.91392
published_at	2026-04-08T12:55:00Z

value	0.06919
scoring_system	epss
scoring_elements	0.91362
published_at	2026-04-02T12:55:00Z

value	0.06919
scoring_system	epss
scoring_elements	0.91372
published_at	2026-04-04T12:55:00Z

value	0.06919
scoring_system	epss
scoring_elements	0.91379
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7819

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1380292
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1380292

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7810
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7810

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7814

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7818
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7818

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7819
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7819

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7823
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7823

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7824
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7824

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:C/I:C/A:C

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2017/11/msg00000.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/11/msg00000.html

reference_url	https://www.debian.org/security/2017/dsa-3987
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-3987

reference_url	https://www.debian.org/security/2017/dsa-4014
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-4014

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-21/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-21/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-22/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-22/

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-23/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-23/

reference_url	http://www.securityfocus.com/bid/101055
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101055

reference_url	http://www.securitytracker.com/id/1039465
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039465

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1496654
reference_id	1496654
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1496654

reference_url	https://security.archlinux.org/ASA-201710-19
reference_id	ASA-201710-19
reference_type
scores
url	https://security.archlinux.org/ASA-201710-19

reference_url

https://security.archlinux.org/AVG-441

reference_id

AVG-441

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-441

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-7819

reference_id

CVE-2017-7819

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-7819

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_id

mfsa2017-21

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-22

reference_id

mfsa2017-22

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-22

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-23

reference_id

mfsa2017-23

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-23

reference_url	https://access.redhat.com/errata/RHSA-2017:2831
reference_id	RHSA-2017:2831
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2831

reference_url	https://access.redhat.com/errata/RHSA-2017:2885
reference_id	RHSA-2017:2885
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2885

reference_url	https://usn.ubuntu.com/3435-1/
reference_id	USN-3435-1
reference_type
scores
url	https://usn.ubuntu.com/3435-1/

reference_url	https://usn.ubuntu.com/3436-1/
reference_id	USN-3436-1
reference_type
scores
url	https://usn.ubuntu.com/3436-1/

fixed_packages

url	pkg:deb/debian/firefox@56.0-1?distro=sid
purl	pkg:deb/debian/firefox@56.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@56.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2017-7819

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ykzd-mar6-r3c5

url VCID-yzz5-as7s-nkaf

vulnerability_id VCID-yzz5-as7s-nkaf

summary On pages containing an iframe, the data: protocol can be used to create a modal dialog through Javascript that will have an arbitrary domains as the dialog's location, spoofing of the origin of the modal dialog from the user view. *Note: This attack only affects installations with e10 multiprocess turned off. Installations with e10s turned on do not support the modal dialog functionality.*

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7815

reference_id

reference_type

scores

value	0.00807
scoring_system	epss
scoring_elements	0.74178
published_at	2026-04-13T12:55:00Z

value	0.00807
scoring_system	epss
scoring_elements	0.7413
published_at	2026-04-01T12:55:00Z

value	0.00807
scoring_system	epss
scoring_elements	0.74181
published_at	2026-04-09T12:55:00Z

value	0.00807
scoring_system	epss
scoring_elements	0.74202
published_at	2026-04-11T12:55:00Z

value	0.00807
scoring_system	epss
scoring_elements	0.74185
published_at	2026-04-12T12:55:00Z

value	0.00807
scoring_system	epss
scoring_elements	0.74135
published_at	2026-04-02T12:55:00Z

value	0.00807
scoring_system	epss
scoring_elements	0.74161
published_at	2026-04-04T12:55:00Z

value	0.00807
scoring_system	epss
scoring_elements	0.74133
published_at	2026-04-07T12:55:00Z

value	0.00807
scoring_system	epss
scoring_elements	0.74166
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7815

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1368981
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1368981

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-21/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-21/

reference_url	http://www.securityfocus.com/bid/101057
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101057

reference_url	http://www.securitytracker.com/id/1039465
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039465

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-7815

reference_id

CVE-2017-7815

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-7815

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_id

mfsa2017-21

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_url	https://usn.ubuntu.com/3435-1/
reference_id	USN-3435-1
reference_type
scores
url	https://usn.ubuntu.com/3435-1/

fixed_packages

url	pkg:deb/debian/firefox@56.0-1?distro=sid
purl	pkg:deb/debian/firefox@56.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@56.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2017-7815

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yzz5-as7s-nkaf

url VCID-z5mk-4spk-1yc1

vulnerability_id VCID-z5mk-4spk-1yc1

summary Inside the JavaScript parser, a cast of an integer to a narrower type can result in data read from outside the buffer being parsed. This usually results in a non-exploitable crash, but can leak a limited amount of information from memory if it matches JavaScript identifier syntax.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7813

reference_id

reference_type

scores

value	0.00579
scoring_system	epss
scoring_elements	0.68859
published_at	2026-04-13T12:55:00Z

value	0.00579
scoring_system	epss
scoring_elements	0.68792
published_at	2026-04-01T12:55:00Z

value	0.00579
scoring_system	epss
scoring_elements	0.68881
published_at	2026-04-09T12:55:00Z

value	0.00579
scoring_system	epss
scoring_elements	0.68903
published_at	2026-04-11T12:55:00Z

value	0.00579
scoring_system	epss
scoring_elements	0.68888
published_at	2026-04-12T12:55:00Z

value	0.00579
scoring_system	epss
scoring_elements	0.68811
published_at	2026-04-07T12:55:00Z

value	0.00579
scoring_system	epss
scoring_elements	0.68831
published_at	2026-04-04T12:55:00Z

value	0.00579
scoring_system	epss
scoring_elements	0.68862
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7813

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1383951
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1383951

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-21/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-21/

reference_url	http://www.securityfocus.com/bid/101057
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101057

reference_url	http://www.securitytracker.com/id/1039465
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039465

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-7813

reference_id

CVE-2017-7813

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:P

value	8.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-7813

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_id

mfsa2017-21

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_url	https://usn.ubuntu.com/3435-1/
reference_id	USN-3435-1
reference_type
scores
url	https://usn.ubuntu.com/3435-1/

fixed_packages

url	pkg:deb/debian/firefox@56.0-1?distro=sid
purl	pkg:deb/debian/firefox@56.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@56.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2017-7813

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z5mk-4spk-1yc1

url VCID-zhen-yj1c-u3d6

vulnerability_id VCID-zhen-yj1c-u3d6

summary Mozilla developers and community members Christian Holler, Jason Kratzer, Tobias Schneider, Tyson Smith, David Keeler, Nicolas B. Pierron, Mike Hommey, Ronald Crane, Tooru Fujisawa, and Philipp reported memory safety bugs present in Firefox 55. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7811

reference_id

reference_type

scores

value	0.02107
scoring_system	epss
scoring_elements	0.841
published_at	2026-04-13T12:55:00Z

value	0.02107
scoring_system	epss
scoring_elements	0.8403
published_at	2026-04-01T12:55:00Z

value	0.02107
scoring_system	epss
scoring_elements	0.84092
published_at	2026-04-09T12:55:00Z

value	0.02107
scoring_system	epss
scoring_elements	0.8411
published_at	2026-04-11T12:55:00Z

value	0.02107
scoring_system	epss
scoring_elements	0.84104
published_at	2026-04-12T12:55:00Z

value	0.02107
scoring_system	epss
scoring_elements	0.84044
published_at	2026-04-02T12:55:00Z

value	0.02107
scoring_system	epss
scoring_elements	0.84061
published_at	2026-04-04T12:55:00Z

value	0.02107
scoring_system	epss
scoring_elements	0.84062
published_at	2026-04-07T12:55:00Z

value	0.02107
scoring_system	epss
scoring_elements	0.84086
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7811

reference_url	https://bugzilla.mozilla.org/buglist.cgi?bug_id=1392105%2C1395919%2C1388113%2C1348955%2C1394522%2C1387659%2C1369560%2C1388045%2C1378658%2C1379414%2C1385112%2C1367497
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/buglist.cgi?bug_id=1392105%2C1395919%2C1388113%2C1348955%2C1394522%2C1387659%2C1369560%2C1388045%2C1378658%2C1379414%2C1385112%2C1367497

reference_url	https://www.mozilla.org/security/advisories/mfsa2017-21/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2017-21/

reference_url	http://www.securityfocus.com/bid/101057
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101057

reference_url	http://www.securitytracker.com/id/1039465
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039465

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-7811

reference_id

CVE-2017-7811

reference_type

scores

value	10.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-7811

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_id

mfsa2017-21

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_url	https://usn.ubuntu.com/3435-1/
reference_id	USN-3435-1
reference_type
scores
url	https://usn.ubuntu.com/3435-1/

fixed_packages

url	pkg:deb/debian/firefox@56.0-1?distro=sid
purl	pkg:deb/debian/firefox@56.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@56.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

aliases CVE-2017-7811

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zhen-yj1c-u3d6

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@56.0-1%3Fdistro=sid

Package Instance