Search for vulnerabilities
Vulnerability details: VCID-4xcz-8rek-7uey
Vulnerability ID VCID-4xcz-8rek-7uey
Aliases CVE-2017-2371
Summary
Status Published
Exploitability 2.0
Weighted Severity 9.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.0776 https://api.first.org/data/v1/epss?cve=CVE-2017-2371
epss 0.0776 https://api.first.org/data/v1/epss?cve=CVE-2017-2371
epss 0.0776 https://api.first.org/data/v1/epss?cve=CVE-2017-2371
epss 0.0776 https://api.first.org/data/v1/epss?cve=CVE-2017-2371
epss 0.0776 https://api.first.org/data/v1/epss?cve=CVE-2017-2371
epss 0.08437 https://api.first.org/data/v1/epss?cve=CVE-2017-2371
epss 0.08437 https://api.first.org/data/v1/epss?cve=CVE-2017-2371
epss 0.08437 https://api.first.org/data/v1/epss?cve=CVE-2017-2371
epss 0.08437 https://api.first.org/data/v1/epss?cve=CVE-2017-2371
epss 0.08437 https://api.first.org/data/v1/epss?cve=CVE-2017-2371
epss 0.08437 https://api.first.org/data/v1/epss?cve=CVE-2017-2371
epss 0.08437 https://api.first.org/data/v1/epss?cve=CVE-2017-2371
epss 0.08437 https://api.first.org/data/v1/epss?cve=CVE-2017-2371
epss 0.08437 https://api.first.org/data/v1/epss?cve=CVE-2017-2371
epss 0.08437 https://api.first.org/data/v1/epss?cve=CVE-2017-2371
epss 0.08437 https://api.first.org/data/v1/epss?cve=CVE-2017-2371
epss 0.08437 https://api.first.org/data/v1/epss?cve=CVE-2017-2371
epss 0.08437 https://api.first.org/data/v1/epss?cve=CVE-2017-2371
epss 0.08437 https://api.first.org/data/v1/epss?cve=CVE-2017-2371
epss 0.08437 https://api.first.org/data/v1/epss?cve=CVE-2017-2371
epss 0.08437 https://api.first.org/data/v1/epss?cve=CVE-2017-2371
epss 0.08437 https://api.first.org/data/v1/epss?cve=CVE-2017-2371
epss 0.08437 https://api.first.org/data/v1/epss?cve=CVE-2017-2371
epss 0.08437 https://api.first.org/data/v1/epss?cve=CVE-2017-2371
epss 0.08437 https://api.first.org/data/v1/epss?cve=CVE-2017-2371
cvssv2 4.3 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
archlinux Critical https://security.archlinux.org/AVG-170
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2017-2371
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2371
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
ASA-201702-9 https://security.archlinux.org/ASA-201702-9
AVG-170 https://security.archlinux.org/AVG-170
CVE-2017-2371;HT207482 Exploit https://bugs.chromium.org/p/project-zero/issues/detail?id=1050
CVE-2017-2371;HT207482 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/41451.html
USN-3200-1 https://usn.ubuntu.com/3200-1/
Data source Exploit-DB
Date added Feb. 24, 2017
Description Apple WebKit 10.0.2 - Cross-Origin or Sandboxed IFRAME Pop-up Blocker Bypass
Ransomware campaign use Known
Source publication date Feb. 24, 2017
Exploit type webapps
Platform multiple
Source update date Feb. 24, 2017
Source URL https://bugs.chromium.org/p/project-zero/issues/detail?id=1050
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.91611
EPSS Score 0.0776
Published At Sept. 16, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:32:24.828130+00:00 Alpine Linux Importer Import https://secdb.alpinelinux.org/v3.9/community.json 37.0.0