{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56569?format=json","vulnerability_id":"VCID-6pdh-nn19-8yc5","summary":"Multiple vulnerabilities have been found in Graphite, the worst of\n    which could lead to the remote execution of arbitrary code.","aliases":[{"alias":"CVE-2017-7775"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371550?format=json","purl":"pkg:alpm/archlinux/firefox@54.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@54.0-1"},{"url":"http://public2.vulnerablecode.io/api/packages/371548?format=json","purl":"pkg:alpm/archlinux/thunderbird@52.2.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.2.0-1"},{"url":"http://public2.vulnerablecode.io/api/packages/83103?format=json","purl":"pkg:ebuild/media-gfx/graphite2@1.3.10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/graphite2@1.3.10"},{"url":"http://public2.vulnerablecode.io/api/packages/84559?format=json","purl":"pkg:ebuild/www-client/firefox@52.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@52.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/84560?format=json","purl":"pkg:ebuild/www-client/firefox-bin@52.6.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@52.6.0"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/371549?format=json","purl":"pkg:alpm/archlinux/firefox@53.0.3-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-56jb-xrj9-dyf3"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-6pdh-nn19-8yc5"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jvkp-8vex-4yby"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@53.0.3-1"},{"url":"http://public2.vulnerablecode.io/api/packages/371547?format=json","purl":"pkg:alpm/archlinux/thunderbird@52.1.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-6pdh-nn19-8yc5"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.1.1-1"},{"url":"http://public2.vulnerablecode.io/api/packages/112178?format=json","purl":"pkg:rpm/redhat/firefox@52.2.0-1?arch=el6_9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-6pdh-nn19-8yc5"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@52.2.0-1%3Farch=el6_9"},{"url":"http://public2.vulnerablecode.io/api/packages/112179?format=json","purl":"pkg:rpm/redhat/firefox@52.2.0-1?arch=el7_3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-6pdh-nn19-8yc5"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@52.2.0-1%3Farch=el7_3"},{"url":"http://public2.vulnerablecode.io/api/packages/112182?format=json","purl":"pkg:rpm/redhat/graphite2@1.3.10-1?arch=el7_3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6pdh-nn19-8yc5"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/graphite2@1.3.10-1%3Farch=el7_3"},{"url":"http://public2.vulnerablecode.io/api/packages/112180?format=json","purl":"pkg:rpm/redhat/thunderbird@52.2.0-1?arch=el7_3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-6pdh-nn19-8yc5"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@52.2.0-1%3Farch=el7_3"},{"url":"http://public2.vulnerablecode.io/api/packages/112181?format=json","purl":"pkg:rpm/redhat/thunderbird@52.2.0-1?arch=el6_9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4jqv-p541-tfa9"},{"vulnerability":"VCID-622g-5uav-bbgd"},{"vulnerability":"VCID-6pdh-nn19-8yc5"},{"vulnerability":"VCID-9k9g-4cxt-3faj"},{"vulnerability":"VCID-awue-n9ua-hfej"},{"vulnerability":"VCID-f7zd-nx3e-tba1"},{"vulnerability":"VCID-h63e-ngr6-zqee"},{"vulnerability":"VCID-j56s-gf2k-zqdx"},{"vulnerability":"VCID-jwnz-gnjs-1uaa"},{"vulnerability":"VCID-k79j-1yvn-qfd2"},{"vulnerability":"VCID-nyn2-zf8c-67cb"},{"vulnerability":"VCID-pmwj-2v2k-nfcb"},{"vulnerability":"VCID-pww9-m9d4-euew"},{"vulnerability":"VCID-qhes-9dcx-tbb5"},{"vulnerability":"VCID-rsqj-18a5-23gd"},{"vulnerability":"VCID-sncj-cwvy-ckdf"},{"vulnerability":"VCID-xztj-hyqy-gug6"},{"vulnerability":"VCID-z3r1-zkkw-8fhq"},{"vulnerability":"VCID-z7sd-q1rk-jqa7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@52.2.0-1%3Farch=el6_9"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7775.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7775.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472221","reference_id":"1472221","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472221"},{"reference_url":"https://security.archlinux.org/ASA-201706-19","reference_id":"ASA-201706-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-19"},{"reference_url":"https://security.archlinux.org/ASA-201706-20","reference_id":"ASA-201706-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-20"},{"reference_url":"https://security.archlinux.org/AVG-302","reference_id":"AVG-302","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-302"},{"reference_url":"https://security.archlinux.org/AVG-303","reference_id":"AVG-303","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-303"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7775","reference_id":"CVE-2017-7775","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7775"},{"reference_url":"https://security.gentoo.org/glsa/201710-13","reference_id":"GLSA-201710-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-13"},{"reference_url":"https://security.gentoo.org/glsa/201802-03","reference_id":"GLSA-201802-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1440","reference_id":"RHSA-2017:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1561","reference_id":"RHSA-2017:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1793","reference_id":"RHSA-2017:1793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1793"},{"reference_url":"https://usn.ubuntu.com/3315-1/","reference_id":"USN-3315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3315-1/"},{"reference_url":"https://usn.ubuntu.com/3321-1/","reference_id":"USN-3321-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3321-1/"},{"reference_url":"https://usn.ubuntu.com/3398-1/","reference_id":"USN-3398-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3398-1/"}],"weaknesses":[{"cwe_id":617,"name":"Reachable Assertion","description":"The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary."}],"exploits":[],"severity_range_score":"3.7 - 10.0","exploitability":"0.5","weighted_severity":"9.0","risk_score":4.5,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6pdh-nn19-8yc5"}