{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/593?format=json","vulnerability_id":"VCID-5muy-mca9-rqet","summary":"The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor tool.","aliases":[{"alias":"CVE-2017-7798"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1852?format=json","purl":"pkg:alpm/archlinux/firefox@55.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@55.0-1"},{"url":"http://public2.vulnerablecode.io/api/packages/454?format=json","purl":"pkg:mozilla/Firefox@55.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@55.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/448?format=json","purl":"pkg:mozilla/Firefox%20ESR@52.3.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@52.3.0"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1851?format=json","purl":"pkg:alpm/archlinux/firefox@54.0.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-21fd-3bm8-nuhg"},{"vulnerability":"VCID-3qw2-tzj7-u3fa"},{"vulnerability":"VCID-5a6g-h3b1-vqfy"},{"vulnerability":"VCID-5muy-mca9-rqet"},{"vulnerability":"VCID-74ur-xkr1-a7er"},{"vulnerability":"VCID-7sk9-2y8h-ekdq"},{"vulnerability":"VCID-883g-dbap-u7aw"},{"vulnerability":"VCID-a6nu-n226-6fgh"},{"vulnerability":"VCID-auz2-mkb7-3uhh"},{"vulnerability":"VCID-azwt-6846-1kgm"},{"vulnerability":"VCID-cqty-a2zv-bff1"},{"vulnerability":"VCID-f9cy-h7kt-zudr"},{"vulnerability":"VCID-fznu-jdyc-47hv"},{"vulnerability":"VCID-gcyv-192g-3ygq"},{"vulnerability":"VCID-k458-ek4h-4kht"},{"vulnerability":"VCID-md7v-but8-7qdz"},{"vulnerability":"VCID-p1ry-j666-3qhy"},{"vulnerability":"VCID-pfmg-gnh7-p3g6"},{"vulnerability":"VCID-rugx-ug7m-qygh"},{"vulnerability":"VCID-uww5-29jb-n3gc"},{"vulnerability":"VCID-vyzx-e65q-wqcp"},{"vulnerability":"VCID-wp9t-e5k9-uybw"},{"vulnerability":"VCID-x2hg-g7n3-8qbw"},{"vulnerability":"VCID-xgvy-fw6z-9bfg"},{"vulnerability":"VCID-yuw9-jt66-2qd6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@54.0.1-1"}],"references":[{"reference_url":"https://security.archlinux.org/ASA-201708-3","reference_id":"ASA-201708-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-3"},{"reference_url":"https://security.archlinux.org/AVG-375","reference_id":"AVG-375","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-375"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18","reference_id":"mfsa2017-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19","reference_id":"mfsa2017-19","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19"}],"weaknesses":[],"exploits":[],"severity_range_score":"9.0 - 10.0","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5muy-mca9-rqet"}