VulnerableCode Vulnerability Details

System	Score	Found at
cvssv3	6.1	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5383.json
epss	0.02444	https://api.first.org/data/v1/epss?cve=CVE-2017-5383
epss	0.02444	https://api.first.org/data/v1/epss?cve=CVE-2017-5383
epss	0.02444	https://api.first.org/data/v1/epss?cve=CVE-2017-5383
epss	0.02444	https://api.first.org/data/v1/epss?cve=CVE-2017-5383
epss	0.02444	https://api.first.org/data/v1/epss?cve=CVE-2017-5383
epss	0.02444	https://api.first.org/data/v1/epss?cve=CVE-2017-5383
epss	0.02444	https://api.first.org/data/v1/epss?cve=CVE-2017-5383
epss	0.02444	https://api.first.org/data/v1/epss?cve=CVE-2017-5383
epss	0.02444	https://api.first.org/data/v1/epss?cve=CVE-2017-5383
epss	0.02444	https://api.first.org/data/v1/epss?cve=CVE-2017-5383
epss	0.02444	https://api.first.org/data/v1/epss?cve=CVE-2017-5383
epss	0.02444	https://api.first.org/data/v1/epss?cve=CVE-2017-5383
epss	0.02444	https://api.first.org/data/v1/epss?cve=CVE-2017-5383
epss	0.02444	https://api.first.org/data/v1/epss?cve=CVE-2017-5383
cvssv2	4.3	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv2	5.0	https://nvd.nist.gov/vuln/detail/CVE-2017-5383
cvssv3	5.3	https://nvd.nist.gov/vuln/detail/CVE-2017-5383
archlinux	Critical	https://security.archlinux.org/AVG-157
archlinux	Critical	https://security.archlinux.org/AVG-158
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2017-02
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2017-03

System

Score

Found at

cvssv3

6.1

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5383.json

epss

0.02444

https://api.first.org/data/v1/epss?cve=CVE-2017-5383

epss

0.02444

https://api.first.org/data/v1/epss?cve=CVE-2017-5383

epss

0.02444

https://api.first.org/data/v1/epss?cve=CVE-2017-5383

epss

0.02444

https://api.first.org/data/v1/epss?cve=CVE-2017-5383

epss

0.02444

https://api.first.org/data/v1/epss?cve=CVE-2017-5383

epss

0.02444

https://api.first.org/data/v1/epss?cve=CVE-2017-5383

epss

0.02444

https://api.first.org/data/v1/epss?cve=CVE-2017-5383

epss

0.02444

https://api.first.org/data/v1/epss?cve=CVE-2017-5383

epss

0.02444

https://api.first.org/data/v1/epss?cve=CVE-2017-5383

epss

0.02444

https://api.first.org/data/v1/epss?cve=CVE-2017-5383

epss

0.02444

https://api.first.org/data/v1/epss?cve=CVE-2017-5383

epss

0.02444

https://api.first.org/data/v1/epss?cve=CVE-2017-5383

epss

0.02444

https://api.first.org/data/v1/epss?cve=CVE-2017-5383

epss

0.02444

https://api.first.org/data/v1/epss?cve=CVE-2017-5383

cvssv2

4.3

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

cvssv2

5.0

https://nvd.nist.gov/vuln/detail/CVE-2017-5383

cvssv3

5.3

https://nvd.nist.gov/vuln/detail/CVE-2017-5383

archlinux

Critical

https://security.archlinux.org/AVG-157

archlinux

Critical

https://security.archlinux.org/AVG-158

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2017-01

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2017-02

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2017-03

Reference id	Reference type	URL
		http://rhn.redhat.com/errata/RHSA-2017-0190.html
		http://rhn.redhat.com/errata/RHSA-2017-0238.html
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5383.json
		https://api.first.org/data/v1/epss?cve=CVE-2017-5383
		https://bugzilla.mozilla.org/show_bug.cgi?id=1323338
		https://bugzilla.mozilla.org/show_bug.cgi?id=1324716
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://security.gentoo.org/glsa/201702-13
		https://security.gentoo.org/glsa/201702-22
		https://www.debian.org/security/2017/dsa-3771
		https://www.debian.org/security/2017/dsa-3832
		https://www.mozilla.org/security/advisories/mfsa2017-01/
		https://www.mozilla.org/security/advisories/mfsa2017-02/
		https://www.mozilla.org/security/advisories/mfsa2017-03/
		http://www.securityfocus.com/bid/95769
		http://www.securitytracker.com/id/1037693
1416281		https://bugzilla.redhat.com/show_bug.cgi?id=1416281
ASA-201701-39		https://security.archlinux.org/ASA-201701-39
ASA-201701-40		https://security.archlinux.org/ASA-201701-40
AVG-157		https://security.archlinux.org/AVG-157
AVG-158		https://security.archlinux.org/AVG-158
cpe:2.3:a:mozilla:firefox::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
cpe:2.3:a:mozilla:firefox_esr::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr::::::::
cpe:2.3:a:mozilla:thunderbird::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
cpe:2.3:o:debian:debian_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
CVE-2017-5383		https://nvd.nist.gov/vuln/detail/CVE-2017-5383
mfsa2017-01		https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
mfsa2017-02		https://www.mozilla.org/en-US/security/advisories/mfsa2017-02
mfsa2017-03		https://www.mozilla.org/en-US/security/advisories/mfsa2017-03
RHSA-2017:0190		https://access.redhat.com/errata/RHSA-2017:0190
RHSA-2017:0238		https://access.redhat.com/errata/RHSA-2017:0238
USN-3165-1		https://usn.ubuntu.com/3165-1/
USN-3175-1		https://usn.ubuntu.com/3175-1/

Reference id

Reference type

URL

http://rhn.redhat.com/errata/RHSA-2017-0190.html

http://rhn.redhat.com/errata/RHSA-2017-0238.html

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5383.json

https://api.first.org/data/v1/epss?cve=CVE-2017-5383

https://bugzilla.mozilla.org/show_bug.cgi?id=1323338

https://bugzilla.mozilla.org/show_bug.cgi?id=1324716

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

https://security.gentoo.org/glsa/201702-13

https://security.gentoo.org/glsa/201702-22

https://www.debian.org/security/2017/dsa-3771

https://www.debian.org/security/2017/dsa-3832

https://www.mozilla.org/security/advisories/mfsa2017-01/

https://www.mozilla.org/security/advisories/mfsa2017-02/

https://www.mozilla.org/security/advisories/mfsa2017-03/

http://www.securityfocus.com/bid/95769

http://www.securitytracker.com/id/1037693

1416281

https://bugzilla.redhat.com/show_bug.cgi?id=1416281

ASA-201701-39

https://security.archlinux.org/ASA-201701-39

ASA-201701-40

https://security.archlinux.org/ASA-201701-40

AVG-157

https://security.archlinux.org/AVG-157

AVG-158

https://security.archlinux.org/AVG-158

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

CVE-2017-5383

https://nvd.nist.gov/vuln/detail/CVE-2017-5383

mfsa2017-01

https://www.mozilla.org/en-US/security/advisories/mfsa2017-01

mfsa2017-02

https://www.mozilla.org/en-US/security/advisories/mfsa2017-02

mfsa2017-03

https://www.mozilla.org/en-US/security/advisories/mfsa2017-03

RHSA-2017:0190

https://access.redhat.com/errata/RHSA-2017:0190

RHSA-2017:0238

https://access.redhat.com/errata/RHSA-2017:0238

USN-3165-1

https://usn.ubuntu.com/3165-1/

USN-3175-1

https://usn.ubuntu.com/3175-1/

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5383.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2017-5383

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2017-5383

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:09:15.835154+00:00	Mozilla Importer	Import	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2017/mfsa2017-03.yml	37.0.0

2025-07-31T08:09:15.835154+00:00

Mozilla Importer

Import

https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2017/mfsa2017-03.yml

37.0.0

Vulnerability ID	VCID-uanj-k2n4-j7ak
Aliases	CVE-2017-5383
Summary	URLs containing certain unicode glyphs for alternative hyphens and quotes do not properly trigger punycode display, allowing for domain name spoofing attacks in the location bar.
Status	Published
Exploitability	0.5
Weighted Severity	9.0
Risk	4.5
Affected and Fixed Packages	Package Details

Percentile	0.84557
EPSS Score	0.02444
Published At	July 30, 2025, 12:55 p.m.