Search for vulnerabilities
Vulnerability details: VCID-q5h6-g6gz-xbct
Vulnerability ID VCID-q5h6-g6gz-xbct
Aliases CVE-2017-2365
Summary
Status Published
Exploitability 2.0
Weighted Severity 9.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
epss 0.19545 https://api.first.org/data/v1/epss?cve=CVE-2017-2365
cvssv2 4.3 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
archlinux Critical https://security.archlinux.org/AVG-170
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2017-2365
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2365
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
ASA-201702-9 https://security.archlinux.org/ASA-201702-9
AVG-170 https://security.archlinux.org/AVG-170
CVE-2017-2365;HT207485;HT207484;HT207482 Exploit https://bugs.chromium.org/p/project-zero/issues/detail?id=1057
CVE-2017-2365;HT207485;HT207484;HT207482 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/41453.html
USN-3200-1 https://usn.ubuntu.com/3200-1/
Data source Exploit-DB
Date added Feb. 24, 2017
Description Apple WebKit 10.0.2 - 'Frame::setDocument' Universal Cross-Site Scripting
Ransomware campaign use Known
Source publication date Feb. 24, 2017
Exploit type webapps
Platform multiple
Source update date Feb. 24, 2017
Source URL https://bugs.chromium.org/p/project-zero/issues/detail?id=1057
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.95159
EPSS Score 0.19545
Published At Aug. 5, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:38:10.566153+00:00 Alpine Linux Importer Import https://secdb.alpinelinux.org/v3.10/community.json 37.0.0