VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-hhkh-7xsh-77ey

Essentials
Severities (26)
References (32)
Severity details (16)
Exploits (1)
EPSS
History (1)

Vulnerability ID	VCID-hhkh-7xsh-77ey
Aliases	CVE-2017-5030
Summary
Status	Published
Exploitability	2.0
Weighted Severity	9.0
Risk	10.0
Affected and Fixed Packages	Package Details

Weaknesses (0)

There are no known CWE.

System	Score	Found at
cvssv3.1	8.8	http://rhn.redhat.com/errata/RHSA-2017-0499.html
ssvc	Attend	http://rhn.redhat.com/errata/RHSA-2017-0499.html
cvssv3	8.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5030.json
epss	0.60705	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.60705	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.60705	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.63052	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.63052	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.63052	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.63052	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.63052	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.63052	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss	0.63052	https://api.first.org/data/v1/epss?cve=CVE-2017-5030
cvssv3.1	8.8	https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html
ssvc	Attend	https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html
cvssv3.1	8.8	https://crbug.com/682194
ssvc	Attend	https://crbug.com/682194
archlinux	Critical	https://security.archlinux.org/AVG-197
cvssv3.1	8.8	https://security.gentoo.org/glsa/201704-02
ssvc	Attend	https://security.gentoo.org/glsa/201704-02
cvssv3.1	8.8	https://www.zerodayinitiative.com/advisories/ZDI-20-126/
ssvc	Attend	https://www.zerodayinitiative.com/advisories/ZDI-20-126/
cvssv3.1	8.8	http://www.debian.org/security/2017/dsa-3810
ssvc	Attend	http://www.debian.org/security/2017/dsa-3810
cvssv3.1	8.8	http://www.securityfocus.com/bid/96767
ssvc	Attend	http://www.securityfocus.com/bid/96767

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5030.json
		https://api.first.org/data/v1/epss?cve=CVE-2017-5030
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5029
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5030
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5031
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5032
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5033
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5034
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5035
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5036
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5037
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5038
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5039
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5040
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5041
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5042
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5043
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5044
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5045
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5046
1431030		https://bugzilla.redhat.com/show_bug.cgi?id=1431030
201704-02		https://security.gentoo.org/glsa/201704-02
682194		https://crbug.com/682194
96767		http://www.securityfocus.com/bid/96767
ASA-201703-4		https://security.archlinux.org/ASA-201703-4
AVG-197		https://security.archlinux.org/AVG-197
dsa-3810		http://www.debian.org/security/2017/dsa-3810
RHSA-2017:0499		https://access.redhat.com/errata/RHSA-2017:0499
RHSA-2017-0499.html		http://rhn.redhat.com/errata/RHSA-2017-0499.html
stable-channel-update-for-desktop.html		https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html
USN-3236-1		https://usn.ubuntu.com/3236-1/
ZDI-20-126		https://www.zerodayinitiative.com/advisories/ZDI-20-126/

Data source	KEV
Date added	June 8, 2022
Description	Google Chromium V8 Engine contains a memory corruption vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required action	Apply updates per vendor instructions.
Due date	June 22, 2022
Note	https://nvd.nist.gov/vuln/detail/CVE-2017-5030
Ransomware campaign use	Unknown

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://rhn.redhat.com/errata/RHSA-2017-0499.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:17:49Z/ Found at http://rhn.redhat.com/errata/RHSA-2017-0499.html

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5030.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:17:49Z/ Found at https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://crbug.com/682194

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:17:49Z/ Found at https://crbug.com/682194

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://security.gentoo.org/glsa/201704-02

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:17:49Z/ Found at https://security.gentoo.org/glsa/201704-02

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.zerodayinitiative.com/advisories/ZDI-20-126/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:17:49Z/ Found at https://www.zerodayinitiative.com/advisories/ZDI-20-126/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.debian.org/security/2017/dsa-3810

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:17:49Z/ Found at http://www.debian.org/security/2017/dsa-3810

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.securityfocus.com/bid/96767

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:17:49Z/ Found at http://www.securityfocus.com/bid/96767

Exploit Prediction Scoring System (EPSS)

Percentile	0.98201
EPSS Score	0.60705
Published At	July 31, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:36:40.820173+00:00	Ubuntu USN Importer	Import	https://usn.ubuntu.com/3236-1/	37.0.0