Search for vulnerabilities
Vulnerability details: VCID-hhkh-7xsh-77ey
Vulnerability ID VCID-hhkh-7xsh-77ey
Aliases CVE-2017-5030
Summary
Status Published
Exploitability 2.0
Weighted Severity 9.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
cvssv3.1 8.8 http://rhn.redhat.com/errata/RHSA-2017-0499.html
ssvc Attend http://rhn.redhat.com/errata/RHSA-2017-0499.html
cvssv3 8.8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5030.json
epss 0.60705 https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss 0.60705 https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss 0.60705 https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss 0.63052 https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss 0.63052 https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss 0.63052 https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss 0.63052 https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss 0.63052 https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss 0.63052 https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss 0.63052 https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss 0.63052 https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss 0.63052 https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss 0.63052 https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss 0.63052 https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss 0.63052 https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss 0.63052 https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss 0.63052 https://api.first.org/data/v1/epss?cve=CVE-2017-5030
epss 0.63052 https://api.first.org/data/v1/epss?cve=CVE-2017-5030
cvssv3.1 8.8 https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html
ssvc Attend https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html
cvssv3.1 8.8 https://crbug.com/682194
ssvc Attend https://crbug.com/682194
archlinux Critical https://security.archlinux.org/AVG-197
cvssv3.1 8.8 https://security.gentoo.org/glsa/201704-02
ssvc Attend https://security.gentoo.org/glsa/201704-02
cvssv3.1 8.8 https://www.zerodayinitiative.com/advisories/ZDI-20-126/
ssvc Attend https://www.zerodayinitiative.com/advisories/ZDI-20-126/
cvssv3.1 8.8 http://www.debian.org/security/2017/dsa-3810
ssvc Attend http://www.debian.org/security/2017/dsa-3810
cvssv3.1 8.8 http://www.securityfocus.com/bid/96767
ssvc Attend http://www.securityfocus.com/bid/96767
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5030.json
https://api.first.org/data/v1/epss?cve=CVE-2017-5030
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5029
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5030
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5031
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5033
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5034
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5035
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5036
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5037
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5038
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5039
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5040
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5041
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5042
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5043
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5044
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5045
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5046
1431030 https://bugzilla.redhat.com/show_bug.cgi?id=1431030
201704-02 https://security.gentoo.org/glsa/201704-02
682194 https://crbug.com/682194
96767 http://www.securityfocus.com/bid/96767
ASA-201703-4 https://security.archlinux.org/ASA-201703-4
AVG-197 https://security.archlinux.org/AVG-197
dsa-3810 http://www.debian.org/security/2017/dsa-3810
RHSA-2017:0499 https://access.redhat.com/errata/RHSA-2017:0499
RHSA-2017-0499.html http://rhn.redhat.com/errata/RHSA-2017-0499.html
stable-channel-update-for-desktop.html https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html
USN-3236-1 https://usn.ubuntu.com/3236-1/
ZDI-20-126 https://www.zerodayinitiative.com/advisories/ZDI-20-126/
Data source KEV
Date added June 8, 2022
Description Google Chromium V8 Engine contains a memory corruption vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required action Apply updates per vendor instructions.
Due date June 22, 2022
Note 
https://nvd.nist.gov/vuln/detail/CVE-2017-5030
Ransomware campaign use Unknown
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://rhn.redhat.com/errata/RHSA-2017-0499.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:17:49Z/ Found at http://rhn.redhat.com/errata/RHSA-2017-0499.html
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5030.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:17:49Z/ Found at https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://crbug.com/682194
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:17:49Z/ Found at https://crbug.com/682194
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://security.gentoo.org/glsa/201704-02
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:17:49Z/ Found at https://security.gentoo.org/glsa/201704-02
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.zerodayinitiative.com/advisories/ZDI-20-126/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:17:49Z/ Found at https://www.zerodayinitiative.com/advisories/ZDI-20-126/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.debian.org/security/2017/dsa-3810
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:17:49Z/ Found at http://www.debian.org/security/2017/dsa-3810
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.securityfocus.com/bid/96767
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T17:17:49Z/ Found at http://www.securityfocus.com/bid/96767
Exploit Prediction Scoring System (EPSS)
Percentile 0.98201
EPSS Score 0.60705
Published At July 31, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:36:40.820173+00:00 Ubuntu USN Importer Import https://usn.ubuntu.com/3236-1/ 37.0.0