{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-15T12:20:15.836","vulnerabilities":[{"cve":{"id":"CVE-2017-7838","sourceIdentifier":"security@mozilla.org","published":"2018-06-11T21:29:11.733","lastModified":"2024-11-21T03:32:46.413","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Punycode format text will be displayed for entire qualified international domain names in some instances when a sub-domain triggers the punycode display instead of the primary domain being displayed in native script and the sub-domain only displaying as punycode. This could be used for limited spoofing attacks due to user confusion. This vulnerability affects Firefox < 57."},{"lang":"es","value":"El texto de formato punycode se mostrará a todos los nombres de dominio internacionales cualificados en determinadas instancias cuando un subdominio fuerza la aparición del punycode en vez de mostrar el dominio primario en código script nativo y solo mostrar el subdominio como punycode. Esto se podría utilizar para ataques de suplantación limitados gracias a la confusión del usuario. Esta vulnerabilidad afecta a las versiones anteriores a la 57 de Firefox."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:L\/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N\/AC:L\/Au:N\/C:N\/I:P\/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","versionEndIncluding":"56.0.2","matchCriteriaId":"EA62B76A-2D57-426E-8529-6B3C1AF85F4A"}]}]}],"references":[{"url":"http:\/\/www.securityfocus.com\/bid\/101832","source":"security@mozilla.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http:\/\/www.securitytracker.com\/id\/1039803","source":"security@mozilla.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https:\/\/bugzilla.mozilla.org\/show_bug.cgi?id=1399540","source":"security@mozilla.org","tags":["Issue Tracking","Permissions Required"]},{"url":"https:\/\/www.mozilla.org\/security\/advisories\/mfsa2017-24\/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"http:\/\/www.securityfocus.com\/bid\/101832","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http:\/\/www.securitytracker.com\/id\/1039803","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https:\/\/bugzilla.mozilla.org\/show_bug.cgi?id=1399540","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Permissions Required"]},{"url":"https:\/\/www.mozilla.org\/security\/advisories\/mfsa2017-24\/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}