CVE-2017-5383

Source
https://nvd.nist.gov/vuln/detail/CVE-2017-5383
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-5383.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2017-5383
Downstream
Related
Published
2018-06-11T21:29:03Z
Modified
2025-08-09T20:01:25Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
Summary
[none]
Details

URLs containing certain unicode glyphs for alternative hyphens and quotes do not properly trigger punycode display, allowing for domain name spoofing attacks in the location bar. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

References

Affected packages