Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1035514?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "type": "deb", "namespace": "debian", "name": "icedove", "version": "1:45.8.0-3~deb8u1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51547?format=api", "vulnerability_id": "VCID-3cbn-278y-hkah", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7784.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7784.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05217", "scoring_system": "epss", "scoring_elements": "0.89951", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05217", "scoring_system": "epss", "scoring_elements": "0.89953", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05217", "scoring_system": "epss", "scoring_elements": "0.89901", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05217", "scoring_system": "epss", "scoring_elements": "0.89945", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05217", "scoring_system": "epss", "scoring_elements": "0.8994", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05217", "scoring_system": "epss", "scoring_elements": "0.89923", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05217", "scoring_system": "epss", "scoring_elements": "0.89904", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05217", "scoring_system": "epss", "scoring_elements": "0.89917", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7784" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1376087", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1376087" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:C/I:C/A:C" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3928" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3968" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-18/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-18/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-19/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-19/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-20/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-20/" }, { "reference_url": "http://www.securityfocus.com/bid/100202", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/100202" }, { "reference_url": "http://www.securitytracker.com/id/1039124", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039124" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479201", "reference_id": "1479201", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479201" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7784", "reference_id": "CVE-2017-7784", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7784" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://security.gentoo.org/glsa/201803-14", "reference_id": "GLSA-201803-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2456", "reference_id": "RHSA-2017:2456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2534", "reference_id": "RHSA-2017:2534", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2534" }, { "reference_url": "https://usn.ubuntu.com/3391-1/", "reference_id": "USN-3391-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3391-1/" }, { "reference_url": "https://usn.ubuntu.com/3416-1/", "reference_id": "USN-3416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7784" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3cbn-278y-hkah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51546?format=api", "vulnerability_id": "VCID-48em-7yxs-pqf9", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7779.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7779.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02073", "scoring_system": "epss", "scoring_elements": "0.83955", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02073", "scoring_system": "epss", "scoring_elements": "0.83959", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02073", "scoring_system": "epss", "scoring_elements": "0.83886", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02073", "scoring_system": "epss", "scoring_elements": "0.83965", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02073", "scoring_system": "epss", "scoring_elements": "0.83949", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02073", "scoring_system": "epss", "scoring_elements": "0.83943", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02073", "scoring_system": "epss", "scoring_elements": "0.83919", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02073", "scoring_system": "epss", "scoring_elements": "0.839", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02073", "scoring_system": "epss", "scoring_elements": "0.83916", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7779" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1354443%2C1368576%2C1366903%2C1369913%2C1371424%2C1346590%2C1371890%2C1372985%2C1362924%2C1368105%2C1369994%2C1371283%2C1368362%2C1378826%2C1380426%2C1368030%2C1373220%2C1321384%2C1383002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1354443%2C1368576%2C1366903%2C1369913%2C1371424%2C1346590%2C1371890%2C1372985%2C1362924%2C1368105%2C1369994%2C1371283%2C1368362%2C1378826%2C1380426%2C1368030%2C1373220%2C1321384%2C1383002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3928" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3968" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-18/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-18/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-19/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-19/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-20/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-20/" }, { "reference_url": "http://www.securityfocus.com/bid/100201", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/100201" }, { "reference_url": "http://www.securitytracker.com/id/1039124", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039124" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479191", "reference_id": "1479191", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479191" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7779", "reference_id": "CVE-2017-7779", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7779" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://security.gentoo.org/glsa/201803-14", "reference_id": "GLSA-201803-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2456", "reference_id": "RHSA-2017:2456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2534", "reference_id": "RHSA-2017:2534", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2534" }, { "reference_url": "https://usn.ubuntu.com/3391-1/", "reference_id": "USN-3391-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3391-1/" }, { "reference_url": "https://usn.ubuntu.com/3416-1/", "reference_id": "USN-3416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7779" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-48em-7yxs-pqf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59380?format=api", "vulnerability_id": "VCID-4jqv-p541-tfa9", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7749.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7749.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83117", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83121", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83051", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83127", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83111", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83103", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83079", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83067", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83081", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7749" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1355039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1355039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3881" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3918" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-15/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-15/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-16/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-16/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-17/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-17/" }, { "reference_url": "http://www.securityfocus.com/bid/99057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/99057" }, { "reference_url": "http://www.securitytracker.com/id/1038689", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1038689" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461253", "reference_id": "1461253", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461253" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7749", "reference_id": "CVE-2017-7749", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7749" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1440", "reference_id": "RHSA-2017:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1561", "reference_id": "RHSA-2017:1561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1561" }, { "reference_url": "https://usn.ubuntu.com/3315-1/", "reference_id": "USN-3315-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3315-1/" }, { "reference_url": "https://usn.ubuntu.com/3321-1/", "reference_id": "USN-3321-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3321-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7749" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4jqv-p541-tfa9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59389?format=api", "vulnerability_id": "VCID-622g-5uav-bbgd", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7764.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7764.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77375", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77378", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77317", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77399", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77372", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77362", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77332", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77323", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01035", "scoring_system": "epss", "scoring_elements": "0.77352", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7764" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1364283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1364283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:P" }, { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3881" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3918" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-15/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-15/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-16/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-16/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-17/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-17/" }, { "reference_url": "http://www.securityfocus.com/bid/99057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/99057" }, { "reference_url": "http://www.securitytracker.com/id/1038689", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1038689" }, { "reference_url": "http://www.unicode.org/reports/tr31/tr31-26.html#Aspirational_Use_Scripts", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.unicode.org/reports/tr31/tr31-26.html#Aspirational_Use_Scripts" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461262", "reference_id": "1461262", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461262" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7764", "reference_id": "CVE-2017-7764", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7764" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1440", "reference_id": "RHSA-2017:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1561", "reference_id": "RHSA-2017:1561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1561" }, { "reference_url": "https://usn.ubuntu.com/3315-1/", "reference_id": "USN-3315-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3315-1/" }, { "reference_url": "https://usn.ubuntu.com/3321-1/", "reference_id": "USN-3321-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3321-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7764" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-622g-5uav-bbgd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51550?format=api", "vulnerability_id": "VCID-7mvz-mr2e-hyfx", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7787.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7787.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.76755", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.76775", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.76689", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.76747", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.76736", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.76704", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.76693", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.76722", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7787" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1322896", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1322896" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:N/A:N" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3928" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3968" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-18/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-18/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-19/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-19/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-20/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-20/" }, { "reference_url": "http://www.securityfocus.com/bid/100234", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/100234" }, { "reference_url": "http://www.securitytracker.com/id/1039124", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039124" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479206", "reference_id": "1479206", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479206" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7787", "reference_id": "CVE-2017-7787", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7787" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://security.gentoo.org/glsa/201803-14", "reference_id": "GLSA-201803-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2456", "reference_id": "RHSA-2017:2456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2534", "reference_id": "RHSA-2017:2534", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2534" }, { "reference_url": "https://usn.ubuntu.com/3391-1/", "reference_id": "USN-3391-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3391-1/" }, { "reference_url": "https://usn.ubuntu.com/3416-1/", "reference_id": "USN-3416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7787" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7mvz-mr2e-hyfx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59384?format=api", "vulnerability_id": "VCID-9k9g-4cxt-3faj", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7754.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7754.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01409", "scoring_system": "epss", "scoring_elements": "0.80492", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01409", "scoring_system": "epss", "scoring_elements": "0.805", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01409", "scoring_system": "epss", "scoring_elements": "0.8044", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01409", "scoring_system": "epss", "scoring_elements": "0.80514", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01409", "scoring_system": "epss", "scoring_elements": "0.80496", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01409", "scoring_system": "epss", "scoring_elements": "0.80486", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01409", "scoring_system": "epss", "scoring_elements": "0.80457", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01409", "scoring_system": "epss", "scoring_elements": "0.80446", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01409", "scoring_system": "epss", "scoring_elements": "0.80467", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7754" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1357090", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1357090" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3881" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3918" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-15/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-15/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-16/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-16/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-17/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-17/" }, { "reference_url": "http://www.securityfocus.com/bid/99057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/99057" }, { "reference_url": "http://www.securitytracker.com/id/1038689", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1038689" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461257", "reference_id": "1461257", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461257" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7754", "reference_id": "CVE-2017-7754", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7754" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1440", "reference_id": "RHSA-2017:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1561", "reference_id": "RHSA-2017:1561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1561" }, { "reference_url": "https://usn.ubuntu.com/3315-1/", "reference_id": "USN-3315-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3315-1/" }, { "reference_url": "https://usn.ubuntu.com/3321-1/", "reference_id": "USN-3321-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3321-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7754" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9k9g-4cxt-3faj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59387?format=api", "vulnerability_id": "VCID-awue-n9ua-hfej", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7757.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7757.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83117", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83121", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83051", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83127", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83111", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83103", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83079", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83067", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83081", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7757" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1356824", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1356824" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3881" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3918" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-15/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-15/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-16/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-16/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-17/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-17/" }, { "reference_url": "http://www.securityfocus.com/bid/99057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/99057" }, { "reference_url": "http://www.securitytracker.com/id/1038689", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1038689" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461259", "reference_id": "1461259", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461259" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7757", "reference_id": "CVE-2017-7757", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7757" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1440", "reference_id": "RHSA-2017:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1561", "reference_id": "RHSA-2017:1561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1561" }, { "reference_url": "https://usn.ubuntu.com/3315-1/", "reference_id": "USN-3315-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3315-1/" }, { "reference_url": "https://usn.ubuntu.com/3321-1/", "reference_id": "USN-3321-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3321-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7757" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-awue-n9ua-hfej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51559?format=api", "vulnerability_id": "VCID-d7jf-wx4p-cuek", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7807.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7807.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73645", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73653", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73594", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73671", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73648", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73636", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.736", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73603", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73627", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7807" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1376459", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1376459" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3928" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3968" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-18/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-18/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-19/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-19/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-20/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-20/" }, { "reference_url": "http://www.securityfocus.com/bid/100242", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/100242" }, { "reference_url": "http://www.securitytracker.com/id/1039124", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039124" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479227", "reference_id": "1479227", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479227" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7807", "reference_id": "CVE-2017-7807", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" }, { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7807" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://security.gentoo.org/glsa/201803-14", "reference_id": "GLSA-201803-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2456", "reference_id": "RHSA-2017:2456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2534", "reference_id": "RHSA-2017:2534", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2534" }, { "reference_url": "https://usn.ubuntu.com/3391-1/", "reference_id": "USN-3391-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3391-1/" }, { "reference_url": "https://usn.ubuntu.com/3416-1/", "reference_id": "USN-3416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7807" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d7jf-wx4p-cuek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51552?format=api", "vulnerability_id": "VCID-dck1-2x3v-1ygr", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7792.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7792.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07363", "scoring_system": "epss", "scoring_elements": "0.91716", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07363", "scoring_system": "epss", "scoring_elements": "0.9172", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07363", "scoring_system": "epss", "scoring_elements": "0.91673", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07363", "scoring_system": "epss", "scoring_elements": "0.91718", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.07363", "scoring_system": "epss", "scoring_elements": "0.91715", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07363", "scoring_system": "epss", "scoring_elements": "0.91708", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07363", "scoring_system": "epss", "scoring_elements": "0.91695", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07363", "scoring_system": "epss", "scoring_elements": "0.91681", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07363", "scoring_system": "epss", "scoring_elements": "0.91686", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7792" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1368652", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1368652" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:C/I:C/A:C" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3928" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3968" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-18/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-18/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-19/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-19/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-20/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-20/" }, { "reference_url": "http://www.securityfocus.com/bid/100206", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/100206" }, { "reference_url": "http://www.securitytracker.com/id/1039124", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039124" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479210", "reference_id": "1479210", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479210" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7792", "reference_id": "CVE-2017-7792", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7792" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://security.gentoo.org/glsa/201803-14", "reference_id": "GLSA-201803-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2456", "reference_id": "RHSA-2017:2456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2534", "reference_id": "RHSA-2017:2534", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2534" }, { "reference_url": "https://usn.ubuntu.com/3391-1/", "reference_id": "USN-3391-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3391-1/" }, { "reference_url": "https://usn.ubuntu.com/3416-1/", "reference_id": "USN-3416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7792" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dck1-2x3v-1ygr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56565?format=api", "vulnerability_id": "VCID-f7zd-nx3e-tba1", "summary": "Multiple vulnerabilities have been found in Graphite, the worst of\n which could lead to the remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7771.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7771.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67465", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67542", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67522", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.675", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67552", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67566", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67588", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67575", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67501", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472212", "reference_id": "1472212", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472212" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7771", "reference_id": "CVE-2017-7771", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:P" }, { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7771" }, { "reference_url": "https://security.gentoo.org/glsa/201710-13", "reference_id": "GLSA-201710-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-13" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1440", "reference_id": "RHSA-2017:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1561", "reference_id": "RHSA-2017:1561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1793", "reference_id": "RHSA-2017:1793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1793" }, { "reference_url": "https://usn.ubuntu.com/3315-1/", "reference_id": "USN-3315-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3315-1/" }, { "reference_url": "https://usn.ubuntu.com/3321-1/", "reference_id": "USN-3321-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3321-1/" }, { "reference_url": "https://usn.ubuntu.com/3398-1/", "reference_id": "USN-3398-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3398-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7771" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f7zd-nx3e-tba1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56566?format=api", "vulnerability_id": "VCID-h63e-ngr6-zqee", "summary": "Multiple vulnerabilities have been found in Graphite, the worst of\n which could lead to the remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7772.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7772.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69885", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69947", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69911", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69888", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69936", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69953", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69976", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69961", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69897", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472213", "reference_id": "1472213", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472213" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7772", "reference_id": "CVE-2017-7772", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7772" }, { "reference_url": "https://security.gentoo.org/glsa/201710-13", "reference_id": "GLSA-201710-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-13" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1440", "reference_id": "RHSA-2017:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1561", "reference_id": "RHSA-2017:1561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1793", "reference_id": "RHSA-2017:1793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1793" }, { "reference_url": "https://usn.ubuntu.com/3315-1/", "reference_id": "USN-3315-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3315-1/" }, { "reference_url": "https://usn.ubuntu.com/3321-1/", "reference_id": "USN-3321-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3321-1/" }, { "reference_url": "https://usn.ubuntu.com/3398-1/", "reference_id": "USN-3398-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3398-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7772" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h63e-ngr6-zqee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51557?format=api", "vulnerability_id": "VCID-hk7b-ckyd-7qg2", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7803.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7803.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.78017", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.78019", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.77961", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.78036", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.78009", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.78005", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.77978", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.77968", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01098", "scoring_system": "epss", "scoring_elements": "0.77996", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7803" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1377426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1377426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3928" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3968" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-18/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-18/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-19/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-19/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-20/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-20/" }, { "reference_url": "http://www.securityfocus.com/bid/100234", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/100234" }, { "reference_url": "http://www.securitytracker.com/id/1039124", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039124" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479225", "reference_id": "1479225", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479225" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7803", "reference_id": "CVE-2017-7803", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7803" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://security.gentoo.org/glsa/201803-14", "reference_id": "GLSA-201803-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2456", "reference_id": "RHSA-2017:2456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2534", "reference_id": "RHSA-2017:2534", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2534" }, { "reference_url": "https://usn.ubuntu.com/3391-1/", "reference_id": "USN-3391-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3391-1/" }, { "reference_url": "https://usn.ubuntu.com/3416-1/", "reference_id": "USN-3416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7803" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hk7b-ckyd-7qg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51545?format=api", "vulnerability_id": "VCID-hw2h-w5r2-7qhv", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7753.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7753.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01721", "scoring_system": "epss", "scoring_elements": "0.82401", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01721", "scoring_system": "epss", "scoring_elements": "0.82407", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01721", "scoring_system": "epss", "scoring_elements": "0.82329", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01721", "scoring_system": "epss", "scoring_elements": "0.8241", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01721", "scoring_system": "epss", "scoring_elements": "0.82391", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01721", "scoring_system": "epss", "scoring_elements": "0.82384", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01721", "scoring_system": "epss", "scoring_elements": "0.82356", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01721", "scoring_system": "epss", "scoring_elements": "0.82343", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01721", "scoring_system": "epss", "scoring_elements": "0.82361", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7753" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1353312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1353312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:C" }, { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3928" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3968" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-18/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-18/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-19/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-19/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-20/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-20/" }, { "reference_url": "http://www.securityfocus.com/bid/100315", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/100315" }, { "reference_url": "http://www.securitytracker.com/id/1039124", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039124" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479188", "reference_id": "1479188", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479188" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7753", "reference_id": "CVE-2017-7753", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:P" }, { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7753" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://security.gentoo.org/glsa/201803-14", "reference_id": "GLSA-201803-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2456", "reference_id": "RHSA-2017:2456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2534", "reference_id": "RHSA-2017:2534", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2534" }, { "reference_url": "https://usn.ubuntu.com/3391-1/", "reference_id": "USN-3391-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3391-1/" }, { "reference_url": "https://usn.ubuntu.com/3416-1/", "reference_id": "USN-3416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7753" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hw2h-w5r2-7qhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56568?format=api", "vulnerability_id": "VCID-j56s-gf2k-zqdx", "summary": "Multiple vulnerabilities have been found in Graphite, the worst of\n which could lead to the remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7774.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7774.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68255", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.6832", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68295", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68272", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68323", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68339", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68365", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68352", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68275", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472219", "reference_id": "1472219", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472219" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7774", "reference_id": "CVE-2017-7774", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:P" }, { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7774" }, { "reference_url": "https://security.gentoo.org/glsa/201710-13", "reference_id": "GLSA-201710-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-13" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1440", "reference_id": "RHSA-2017:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1561", "reference_id": "RHSA-2017:1561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1793", "reference_id": "RHSA-2017:1793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1793" }, { "reference_url": "https://usn.ubuntu.com/3315-1/", "reference_id": "USN-3315-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3315-1/" }, { "reference_url": "https://usn.ubuntu.com/3321-1/", "reference_id": "USN-3321-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3321-1/" }, { "reference_url": "https://usn.ubuntu.com/3398-1/", "reference_id": "USN-3398-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3398-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7774" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j56s-gf2k-zqdx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59382?format=api", "vulnerability_id": "VCID-jwnz-gnjs-1uaa", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7751.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7751.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83117", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83121", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83051", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83127", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83111", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83103", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83079", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83067", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83081", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7751" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1363396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1363396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3881" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3918" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-15/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-15/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-16/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-16/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-17/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-17/" }, { "reference_url": "http://www.securityfocus.com/bid/99057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/99057" }, { "reference_url": "http://www.securitytracker.com/id/1038689", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1038689" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461255", "reference_id": "1461255", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461255" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7751", "reference_id": "CVE-2017-7751", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7751" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1440", "reference_id": "RHSA-2017:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1561", "reference_id": "RHSA-2017:1561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1561" }, { "reference_url": "https://usn.ubuntu.com/3315-1/", "reference_id": "USN-3315-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3315-1/" }, { "reference_url": "https://usn.ubuntu.com/3321-1/", "reference_id": "USN-3321-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3321-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7751" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jwnz-gnjs-1uaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56570?format=api", "vulnerability_id": "VCID-k79j-1yvn-qfd2", "summary": "Multiple vulnerabilities have been found in Graphite, the worst of\n which could lead to the remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7776.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7776.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69885", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69947", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69911", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69888", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69936", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69953", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69976", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69961", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69897", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472223", "reference_id": "1472223", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472223" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7776", "reference_id": "CVE-2017-7776", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:P" }, { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7776" }, { "reference_url": "https://security.gentoo.org/glsa/201710-13", "reference_id": "GLSA-201710-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-13" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1440", "reference_id": "RHSA-2017:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1561", "reference_id": "RHSA-2017:1561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1793", "reference_id": "RHSA-2017:1793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1793" }, { "reference_url": "https://usn.ubuntu.com/3315-1/", "reference_id": "USN-3315-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3315-1/" }, { "reference_url": "https://usn.ubuntu.com/3321-1/", "reference_id": "USN-3321-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3321-1/" }, { "reference_url": "https://usn.ubuntu.com/3398-1/", "reference_id": "USN-3398-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3398-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7776" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k79j-1yvn-qfd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59381?format=api", "vulnerability_id": "VCID-nyn2-zf8c-67cb", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7750.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7750.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83117", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83121", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83051", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83127", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83111", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83103", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83079", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83067", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83081", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7750" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1356558", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1356558" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3881" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3918" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-15/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-15/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-16/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-16/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-17/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-17/" }, { "reference_url": "http://www.securityfocus.com/bid/99057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/99057" }, { "reference_url": "http://www.securitytracker.com/id/1038689", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1038689" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461254", "reference_id": "1461254", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461254" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7750", "reference_id": "CVE-2017-7750", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7750" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1440", "reference_id": "RHSA-2017:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1561", "reference_id": "RHSA-2017:1561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1561" }, { "reference_url": "https://usn.ubuntu.com/3315-1/", "reference_id": "USN-3315-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3315-1/" }, { "reference_url": "https://usn.ubuntu.com/3321-1/", "reference_id": "USN-3321-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3321-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7750" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nyn2-zf8c-67cb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59388?format=api", "vulnerability_id": "VCID-pmwj-2v2k-nfcb", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7758.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7758.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01684", "scoring_system": "epss", "scoring_elements": "0.82199", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01684", "scoring_system": "epss", "scoring_elements": "0.82205", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01684", "scoring_system": "epss", "scoring_elements": "0.82128", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01684", "scoring_system": "epss", "scoring_elements": "0.82213", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01684", "scoring_system": "epss", "scoring_elements": "0.82193", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01684", "scoring_system": "epss", "scoring_elements": "0.82186", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01684", "scoring_system": "epss", "scoring_elements": "0.8216", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01684", "scoring_system": "epss", "scoring_elements": "0.82142", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01684", "scoring_system": "epss", "scoring_elements": "0.82163", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7758" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1368490", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1368490" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3881" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3918" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-15/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-15/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-16/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-16/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-17/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-17/" }, { "reference_url": "http://www.securityfocus.com/bid/99057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/99057" }, { "reference_url": "http://www.securitytracker.com/id/1038689", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1038689" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461261", "reference_id": "1461261", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461261" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7758", "reference_id": "CVE-2017-7758", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:P" }, { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7758" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1440", "reference_id": "RHSA-2017:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1561", "reference_id": "RHSA-2017:1561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1561" }, { "reference_url": "https://usn.ubuntu.com/3315-1/", "reference_id": "USN-3315-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3315-1/" }, { "reference_url": "https://usn.ubuntu.com/3321-1/", "reference_id": "USN-3321-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3321-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7758" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pmwj-2v2k-nfcb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59383?format=api", "vulnerability_id": "VCID-pww9-m9d4-euew", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7752.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7752.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00972", "scoring_system": "epss", "scoring_elements": "0.76644", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00972", "scoring_system": "epss", "scoring_elements": "0.76653", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00972", "scoring_system": "epss", "scoring_elements": "0.7659", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00972", "scoring_system": "epss", "scoring_elements": "0.76673", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00972", "scoring_system": "epss", "scoring_elements": "0.76647", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00972", "scoring_system": "epss", "scoring_elements": "0.76635", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00972", "scoring_system": "epss", "scoring_elements": "0.76603", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00972", "scoring_system": "epss", "scoring_elements": "0.76594", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00972", "scoring_system": "epss", "scoring_elements": "0.76622", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7752" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1359547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1359547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" }, { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3881" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3918" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-15/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-15/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-16/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-16/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-17/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-17/" }, { "reference_url": "http://www.securityfocus.com/bid/99057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/99057" }, { "reference_url": "http://www.securitytracker.com/id/1038689", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1038689" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461256", "reference_id": "1461256", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461256" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7752", "reference_id": "CVE-2017-7752", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7752" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1440", "reference_id": "RHSA-2017:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1561", "reference_id": "RHSA-2017:1561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1561" }, { "reference_url": "https://usn.ubuntu.com/3315-1/", "reference_id": "USN-3315-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3315-1/" }, { "reference_url": "https://usn.ubuntu.com/3321-1/", "reference_id": "USN-3321-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3321-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7752" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pww9-m9d4-euew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51548?format=api", "vulnerability_id": "VCID-q7jk-b69d-bbav", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7785.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7785.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08433", "scoring_system": "epss", "scoring_elements": "0.92342", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08433", "scoring_system": "epss", "scoring_elements": "0.92344", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08433", "scoring_system": "epss", "scoring_elements": "0.92306", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08433", "scoring_system": "epss", "scoring_elements": "0.92343", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.08433", "scoring_system": "epss", "scoring_elements": "0.92338", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08433", "scoring_system": "epss", "scoring_elements": "0.92333", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08433", "scoring_system": "epss", "scoring_elements": "0.92322", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08433", "scoring_system": "epss", "scoring_elements": "0.92313", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08433", "scoring_system": "epss", "scoring_elements": "0.92319", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7785" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1356985", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1356985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:C/I:C/A:C" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3928" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3968" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-18/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-18/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-19/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-19/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-20/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-20/" }, { "reference_url": "http://www.securityfocus.com/bid/100206", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/100206" }, { "reference_url": "http://www.securitytracker.com/id/1039124", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039124" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479203", "reference_id": "1479203", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479203" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7785", "reference_id": "CVE-2017-7785", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7785" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://security.gentoo.org/glsa/201803-14", "reference_id": "GLSA-201803-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2456", "reference_id": "RHSA-2017:2456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2534", "reference_id": "RHSA-2017:2534", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2534" }, { "reference_url": "https://usn.ubuntu.com/3391-1/", "reference_id": "USN-3391-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3391-1/" }, { "reference_url": "https://usn.ubuntu.com/3416-1/", "reference_id": "USN-3416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7785" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q7jk-b69d-bbav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51560?format=api", "vulnerability_id": "VCID-qetw-2ah7-5ba4", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7809.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7809.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02292", "scoring_system": "epss", "scoring_elements": "0.84714", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02292", "scoring_system": "epss", "scoring_elements": "0.8472", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02292", "scoring_system": "epss", "scoring_elements": "0.84641", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02292", "scoring_system": "epss", "scoring_elements": "0.84725", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02292", "scoring_system": "epss", "scoring_elements": "0.84707", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02292", "scoring_system": "epss", "scoring_elements": "0.847", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02292", "scoring_system": "epss", "scoring_elements": "0.84678", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02292", "scoring_system": "epss", "scoring_elements": "0.84656", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02292", "scoring_system": "epss", "scoring_elements": "0.84676", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7809" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1380284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1380284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3928" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3968" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-18/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-18/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-19/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-19/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-20/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-20/" }, { "reference_url": "http://www.securityfocus.com/bid/100203", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/100203" }, { "reference_url": "http://www.securitytracker.com/id/1039124", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039124" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479650", "reference_id": "1479650", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479650" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7809", "reference_id": "CVE-2017-7809", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7809" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://security.gentoo.org/glsa/201803-14", "reference_id": "GLSA-201803-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2456", "reference_id": "RHSA-2017:2456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2534", "reference_id": "RHSA-2017:2534", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2534" }, { "reference_url": "https://usn.ubuntu.com/3391-1/", "reference_id": "USN-3391-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3391-1/" }, { "reference_url": "https://usn.ubuntu.com/3416-1/", "reference_id": "USN-3416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7809" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qetw-2ah7-5ba4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51549?format=api", "vulnerability_id": "VCID-qh1k-c7ct-efg8", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7786.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7786.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0852", "scoring_system": "epss", "scoring_elements": "0.92383", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0852", "scoring_system": "epss", "scoring_elements": "0.92381", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0852", "scoring_system": "epss", "scoring_elements": "0.92342", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0852", "scoring_system": "epss", "scoring_elements": "0.92375", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0852", "scoring_system": "epss", "scoring_elements": "0.92371", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0852", "scoring_system": "epss", "scoring_elements": "0.92359", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0852", "scoring_system": "epss", "scoring_elements": "0.92349", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0852", "scoring_system": "epss", "scoring_elements": "0.92355", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7786" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1365189", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1365189" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3928" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3968" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-18/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-18/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-19/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-19/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-20/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-20/" }, { "reference_url": "http://www.securityfocus.com/bid/100206", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/100206" }, { "reference_url": "http://www.securitytracker.com/id/1039124", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039124" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479205", "reference_id": "1479205", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479205" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7786", "reference_id": "CVE-2017-7786", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7786" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://security.gentoo.org/glsa/201803-14", "reference_id": "GLSA-201803-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2456", "reference_id": "RHSA-2017:2456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2534", "reference_id": "RHSA-2017:2534", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2534" }, { "reference_url": "https://usn.ubuntu.com/3391-1/", "reference_id": "USN-3391-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3391-1/" }, { "reference_url": "https://usn.ubuntu.com/3416-1/", "reference_id": "USN-3416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7786" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qh1k-c7ct-efg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56571?format=api", "vulnerability_id": "VCID-qhes-9dcx-tbb5", "summary": "Multiple vulnerabilities have been found in Graphite, the worst of\n which could lead to the remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7777.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7777.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65693", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65777", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65772", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65737", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.6579", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65801", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65822", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65807", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65742", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472225", "reference_id": "1472225", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472225" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7777", "reference_id": "CVE-2017-7777", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7777" }, { "reference_url": "https://security.gentoo.org/glsa/201710-13", "reference_id": "GLSA-201710-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-13" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1440", "reference_id": "RHSA-2017:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1561", "reference_id": "RHSA-2017:1561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1793", "reference_id": "RHSA-2017:1793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1793" }, { "reference_url": "https://usn.ubuntu.com/3315-1/", "reference_id": "USN-3315-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3315-1/" }, { "reference_url": "https://usn.ubuntu.com/3321-1/", "reference_id": "USN-3321-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3321-1/" }, { "reference_url": "https://usn.ubuntu.com/3398-1/", "reference_id": "USN-3398-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3398-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7777" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qhes-9dcx-tbb5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59378?format=api", "vulnerability_id": "VCID-rsqj-18a5-23gd", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5470.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5470.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83117", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83121", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83051", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83127", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83111", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83103", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83079", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83067", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83081", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5470" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1359639%2C1349595%2C1352295%2C1352556%2C1342552%2C1342567%2C1346012%2C1366140%2C1368732%2C1297111%2C1362590%2C1357462%2C1363280%2C1349266%2C1352093%2C1348424%2C1347748%2C1356025%2C1325513%2C1367692", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1359639%2C1349595%2C1352295%2C1352556%2C1342552%2C1342567%2C1346012%2C1366140%2C1368732%2C1297111%2C1362590%2C1357462%2C1363280%2C1349266%2C1352093%2C1348424%2C1347748%2C1356025%2C1325513%2C1367692" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3881" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3918" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-15/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-15/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-16/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-16/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-17/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-17/" }, { "reference_url": "http://www.securityfocus.com/bid/99041", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/99041" }, { "reference_url": "http://www.securitytracker.com/id/1038689", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1038689" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461264", "reference_id": "1461264", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461264" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5470", "reference_id": "CVE-2017-5470", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5470" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1440", "reference_id": "RHSA-2017:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1561", "reference_id": "RHSA-2017:1561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1561" }, { "reference_url": "https://usn.ubuntu.com/3315-1/", "reference_id": "USN-3315-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3315-1/" }, { "reference_url": "https://usn.ubuntu.com/3321-1/", "reference_id": "USN-3321-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3321-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-5470" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rsqj-18a5-23gd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51551?format=api", "vulnerability_id": "VCID-s558-4jac-47ft", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7791.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7791.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01355", "scoring_system": "epss", "scoring_elements": "0.80118", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01355", "scoring_system": "epss", "scoring_elements": "0.80126", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01355", "scoring_system": "epss", "scoring_elements": "0.80072", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01355", "scoring_system": "epss", "scoring_elements": "0.80142", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01355", "scoring_system": "epss", "scoring_elements": "0.80123", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01355", "scoring_system": "epss", "scoring_elements": "0.80116", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01355", "scoring_system": "epss", "scoring_elements": "0.80088", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01355", "scoring_system": "epss", "scoring_elements": "0.80079", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01355", "scoring_system": "epss", "scoring_elements": "0.801", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7791" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1365875", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1365875" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:C/I:C/A:N" }, { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3928" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3968" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-18/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-18/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-19/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-19/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-20/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-20/" }, { "reference_url": "http://www.securityfocus.com/bid/100240", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/100240" }, { "reference_url": "http://www.securitytracker.com/id/1039124", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039124" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479209", "reference_id": "1479209", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479209" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7791", "reference_id": "CVE-2017-7791", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7791" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://security.gentoo.org/glsa/201803-14", "reference_id": "GLSA-201803-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2456", "reference_id": "RHSA-2017:2456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2534", "reference_id": "RHSA-2017:2534", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2534" }, { "reference_url": "https://usn.ubuntu.com/3391-1/", "reference_id": "USN-3391-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3391-1/" }, { "reference_url": "https://usn.ubuntu.com/3416-1/", "reference_id": "USN-3416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7791" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s558-4jac-47ft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56572?format=api", "vulnerability_id": "VCID-sncj-cwvy-ckdf", "summary": "Multiple vulnerabilities have been found in Graphite, the worst of\n which could lead to the remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7778.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7778.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0106", "scoring_system": "epss", "scoring_elements": "0.77641", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0106", "scoring_system": "epss", "scoring_elements": "0.77643", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0106", "scoring_system": "epss", "scoring_elements": "0.77583", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0106", "scoring_system": "epss", "scoring_elements": "0.77659", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0106", "scoring_system": "epss", "scoring_elements": "0.77633", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0106", "scoring_system": "epss", "scoring_elements": "0.77627", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0106", "scoring_system": "epss", "scoring_elements": "0.77598", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0106", "scoring_system": "epss", "scoring_elements": "0.7759", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0106", "scoring_system": "epss", "scoring_elements": "0.77616", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7778" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1349310", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1349310" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1350047", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1350047" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1352745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1352745" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1352747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1352747" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1355174", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1355174" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1355182", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1355182" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1356607", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1356607" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1358551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1358551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3881" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3894", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3894" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3918" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-15/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-15/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-16/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-16/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-17/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-17/" }, { "reference_url": "http://www.securityfocus.com/bid/99057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/99057" }, { "reference_url": "http://www.securitytracker.com/id/1038689", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1038689" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461260", "reference_id": "1461260", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461260" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7778", "reference_id": "CVE-2017-7778", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7778" }, { "reference_url": "https://security.gentoo.org/glsa/201710-13", "reference_id": "GLSA-201710-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-13" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1440", "reference_id": "RHSA-2017:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1561", "reference_id": "RHSA-2017:1561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1793", "reference_id": "RHSA-2017:1793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1793" }, { "reference_url": "https://usn.ubuntu.com/3315-1/", "reference_id": "USN-3315-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3315-1/" }, { "reference_url": "https://usn.ubuntu.com/3321-1/", "reference_id": "USN-3321-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3321-1/" }, { "reference_url": "https://usn.ubuntu.com/3398-1/", "reference_id": "USN-3398-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3398-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7778" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sncj-cwvy-ckdf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51556?format=api", "vulnerability_id": "VCID-vgwu-jbjv-xyd1", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7802.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7802.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02292", "scoring_system": "epss", "scoring_elements": "0.84714", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02292", "scoring_system": "epss", "scoring_elements": "0.8472", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02292", "scoring_system": "epss", "scoring_elements": "0.84641", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02292", "scoring_system": "epss", "scoring_elements": "0.84725", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02292", "scoring_system": "epss", "scoring_elements": "0.84707", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02292", "scoring_system": "epss", "scoring_elements": "0.847", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02292", "scoring_system": "epss", "scoring_elements": "0.84678", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02292", "scoring_system": "epss", "scoring_elements": "0.84656", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02292", "scoring_system": "epss", "scoring_elements": "0.84676", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7802" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1378147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1378147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3928" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3968" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-18/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-18/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-19/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-19/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-20/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-20/" }, { "reference_url": "http://www.securityfocus.com/bid/100202", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/100202" }, { "reference_url": "http://www.securitytracker.com/id/1039124", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039124" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479224", "reference_id": "1479224", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479224" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7802", "reference_id": "CVE-2017-7802", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7802" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://security.gentoo.org/glsa/201803-14", "reference_id": "GLSA-201803-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2456", "reference_id": "RHSA-2017:2456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2534", "reference_id": "RHSA-2017:2534", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2534" }, { "reference_url": "https://usn.ubuntu.com/3391-1/", "reference_id": "USN-3391-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3391-1/" }, { "reference_url": "https://usn.ubuntu.com/3416-1/", "reference_id": "USN-3416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7802" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vgwu-jbjv-xyd1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59379?format=api", "vulnerability_id": "VCID-xztj-hyqy-gug6", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5472.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5472.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83117", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83121", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83051", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83127", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83111", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83103", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83079", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83067", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83081", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5472" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1365602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1365602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3881" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3918" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-15/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-15/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-16/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-16/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-17/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-17/" }, { "reference_url": "http://www.securityfocus.com/bid/99040", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/99040" }, { "reference_url": "http://www.securitytracker.com/id/1038689", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1038689" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461252", "reference_id": "1461252", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461252" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5472", "reference_id": "CVE-2017-5472", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5472" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1440", "reference_id": "RHSA-2017:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1561", "reference_id": "RHSA-2017:1561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1561" }, { "reference_url": "https://usn.ubuntu.com/3315-1/", "reference_id": "USN-3315-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3315-1/" }, { "reference_url": "https://usn.ubuntu.com/3321-1/", "reference_id": "USN-3321-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3321-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-5472" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xztj-hyqy-gug6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51555?format=api", "vulnerability_id": "VCID-xzxb-5pq8-9bfd", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7801.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7801.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02318", "scoring_system": "epss", "scoring_elements": "0.84793", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02318", "scoring_system": "epss", "scoring_elements": "0.84798", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02318", "scoring_system": "epss", "scoring_elements": "0.84718", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02318", "scoring_system": "epss", "scoring_elements": "0.84802", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02318", "scoring_system": "epss", "scoring_elements": "0.84784", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02318", "scoring_system": "epss", "scoring_elements": "0.84777", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02318", "scoring_system": "epss", "scoring_elements": "0.84755", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02318", "scoring_system": "epss", "scoring_elements": "0.84733", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02318", "scoring_system": "epss", "scoring_elements": "0.84752", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7801" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1371259", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1371259" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3928" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3968" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-18/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-18/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-19/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-19/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-20/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-20/" }, { "reference_url": "http://www.securityfocus.com/bid/100197", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/100197" }, { "reference_url": "http://www.securitytracker.com/id/1039124", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039124" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479223", "reference_id": "1479223", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479223" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7801", "reference_id": "CVE-2017-7801", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7801" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://security.gentoo.org/glsa/201803-14", "reference_id": "GLSA-201803-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2456", "reference_id": "RHSA-2017:2456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2534", "reference_id": "RHSA-2017:2534", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2534" }, { "reference_url": "https://usn.ubuntu.com/3391-1/", "reference_id": "USN-3391-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3391-1/" }, { "reference_url": "https://usn.ubuntu.com/3416-1/", "reference_id": "USN-3416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7801" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xzxb-5pq8-9bfd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51554?format=api", "vulnerability_id": "VCID-yk2z-f6vu-93fb", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7800.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7800.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04285", "scoring_system": "epss", "scoring_elements": "0.88853", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04285", "scoring_system": "epss", "scoring_elements": "0.88858", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04285", "scoring_system": "epss", "scoring_elements": "0.88797", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04285", "scoring_system": "epss", "scoring_elements": "0.88846", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04285", "scoring_system": "epss", "scoring_elements": "0.88841", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04285", "scoring_system": "epss", "scoring_elements": "0.88824", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04285", "scoring_system": "epss", "scoring_elements": "0.88805", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04285", "scoring_system": "epss", "scoring_elements": "0.88821", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7800" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1374047", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1374047" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3928" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3968" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-18/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-18/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-19/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-19/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-20/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-20/" }, { "reference_url": "http://www.securityfocus.com/bid/100196", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/100196" }, { "reference_url": "http://www.securitytracker.com/id/1039124", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039124" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479218", "reference_id": "1479218", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479218" }, { "reference_url": "https://security.archlinux.org/ASA-201708-18", "reference_id": "ASA-201708-18", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-18" }, { "reference_url": "https://security.archlinux.org/ASA-201708-3", "reference_id": "ASA-201708-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-3" }, { "reference_url": "https://security.archlinux.org/AVG-375", "reference_id": "AVG-375", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-375" }, { "reference_url": "https://security.archlinux.org/AVG-385", "reference_id": "AVG-385", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-385" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7800", "reference_id": "CVE-2017-7800", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7800" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://security.gentoo.org/glsa/201803-14", "reference_id": "GLSA-201803-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18", "reference_id": "mfsa2017-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19", "reference_id": "mfsa2017-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-19" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20", "reference_id": "mfsa2017-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2456", "reference_id": "RHSA-2017:2456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2534", "reference_id": "RHSA-2017:2534", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2534" }, { "reference_url": "https://usn.ubuntu.com/3391-1/", "reference_id": "USN-3391-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3391-1/" }, { "reference_url": "https://usn.ubuntu.com/3416-1/", "reference_id": "USN-3416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7800" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yk2z-f6vu-93fb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59385?format=api", "vulnerability_id": "VCID-z3r1-zkkw-8fhq", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7756.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7756.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83117", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83121", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83051", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83127", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83111", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83103", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83079", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83067", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83081", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7756" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1366595", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1366595" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3881" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3918" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-15/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-15/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-16/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-16/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-17/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-17/" }, { "reference_url": "http://www.securityfocus.com/bid/99057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/99057" }, { "reference_url": "http://www.securitytracker.com/id/1038689", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1038689" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461258", "reference_id": "1461258", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461258" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7756", "reference_id": "CVE-2017-7756", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7756" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15", "reference_id": "mfsa2017-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16", "reference_id": "mfsa2017-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17", "reference_id": "mfsa2017-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1440", "reference_id": "RHSA-2017:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1561", "reference_id": "RHSA-2017:1561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1561" }, { "reference_url": "https://usn.ubuntu.com/3315-1/", "reference_id": "USN-3315-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3315-1/" }, { "reference_url": "https://usn.ubuntu.com/3321-1/", "reference_id": "USN-3321-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3321-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7756" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z3r1-zkkw-8fhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56567?format=api", "vulnerability_id": "VCID-z7sd-q1rk-jqa7", "summary": "Multiple vulnerabilities have been found in Graphite, the worst of\n which could lead to the remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7773.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7773.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69885", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69947", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69911", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69888", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69936", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69953", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69976", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69961", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69897", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7778" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472215", "reference_id": "1472215", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472215" }, { "reference_url": "https://security.archlinux.org/ASA-201706-19", "reference_id": "ASA-201706-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-19" }, { "reference_url": "https://security.archlinux.org/ASA-201706-20", "reference_id": "ASA-201706-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-20" }, { "reference_url": "https://security.archlinux.org/AVG-302", "reference_id": "AVG-302", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-302" }, { "reference_url": "https://security.archlinux.org/AVG-303", "reference_id": "AVG-303", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-303" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7773", "reference_id": "CVE-2017-7773", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7773" }, { "reference_url": "https://security.gentoo.org/glsa/201710-13", "reference_id": "GLSA-201710-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-13" }, { "reference_url": "https://security.gentoo.org/glsa/201802-03", "reference_id": "GLSA-201802-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1440", "reference_id": "RHSA-2017:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1561", "reference_id": "RHSA-2017:1561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1793", "reference_id": "RHSA-2017:1793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1793" }, { "reference_url": "https://usn.ubuntu.com/3315-1/", "reference_id": "USN-3315-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3315-1/" }, { "reference_url": "https://usn.ubuntu.com/3321-1/", "reference_id": "USN-3321-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3321-1/" }, { "reference_url": "https://usn.ubuntu.com/3398-1/", "reference_id": "USN-3398-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3398-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035755?format=api", "purl": "pkg:deb/debian/icedove@1:52.3.0-4~deb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:52.3.0-4~deb8u2" } ], "aliases": [ "CVE-2017-7773" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z7sd-q1rk-jqa7" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51741?format=api", "vulnerability_id": "VCID-19cb-y1de-u3bn", "summary": "Multiple vulnerabilities have been found in Firefox, Thunderbird,\n Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n the worst of which may allow remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1957.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1957.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1957", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57822", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57713", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57848", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57864", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57843", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57797", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57817", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57791", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57846", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1957" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1227052", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1227052" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3510" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3520" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-20.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-20.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securitytracker.com/id/1035215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035215" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-3" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2934-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2934-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315573", "reference_id": "1315573", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315573" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1957", "reference_id": "CVE-2016-1957", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1957" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-20", "reference_id": "mfsa2016-20", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0373", "reference_id": "RHSA-2016:0373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0460", "reference_id": "RHSA-2016:0460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0460" }, { "reference_url": "https://usn.ubuntu.com/2917-1/", "reference_id": "USN-2917-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2917-1/" }, { "reference_url": "https://usn.ubuntu.com/2934-1/", "reference_id": "USN-2934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571079?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19cb-y1de-u3bn" }, { "vulnerability": "VCID-1tcx-3zn1-ykdq" }, { "vulnerability": "VCID-2ptm-gx1p-uyhf" }, { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-3dea-vjmc-b7eb" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4azu-y4y6-nyff" }, { "vulnerability": "VCID-4d2q-usge-77ft" }, { "vulnerability": "VCID-4hnb-y6bt-4fb1" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-545u-wnrj-z3dh" }, { "vulnerability": "VCID-5dyh-s3yd-vqes" }, { "vulnerability": "VCID-5n3q-eby7-67de" }, { "vulnerability": "VCID-5wqt-2dtu-8qa4" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-67my-umrg-wkgm" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-84kk-wfxx-t3c8" }, { "vulnerability": "VCID-86q8-2yv7-efez" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-avw6-7aqv-hbaa" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-bjyq-1zfk-eugq" }, { "vulnerability": "VCID-bp6q-cu6s-2ke7" }, { "vulnerability": "VCID-bwm1-yauc-xudu" }, { "vulnerability": "VCID-c3ex-zw8a-6bcy" }, { "vulnerability": "VCID-c83b-ttr4-83em" }, { "vulnerability": "VCID-c8p3-ef58-wudt" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-dk4z-1j37-aucx" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecm1-2298-mkfm" }, { "vulnerability": "VCID-ekxy-vaed-u7cg" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-fjam-jfc1-pkbv" }, { "vulnerability": "VCID-gcen-3yba-a3ht" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-hyhc-qud7-6uax" }, { "vulnerability": "VCID-j2ga-ggcd-fkg1" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-j6x8-vnns-1yfg" }, { "vulnerability": "VCID-j7wt-w5x2-nye4" }, { "vulnerability": "VCID-jfw1-18np-47b8" }, { "vulnerability": "VCID-js15-jev6-6fbs" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-k131-mfqm-dka9" }, { "vulnerability": "VCID-k5hu-n47k-wffm" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-m59v-ygc2-qucg" }, { "vulnerability": "VCID-mupu-c1j2-xkgs" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-nr84-88hy-6fah" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pbrt-gcqj-kycv" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q4x5-dz5r-jqgr" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-qptm-f15t-57gj" }, { "vulnerability": "VCID-qtp4-ada6-tydd" }, { "vulnerability": "VCID-qu91-vc1p-dyb1" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-rsda-j27d-8bdc" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-tb9n-zfut-ubht" }, { "vulnerability": "VCID-tgya-wnfn-t7eb" }, { "vulnerability": "VCID-tjjd-y1pq-ckf4" }, { "vulnerability": "VCID-ut8d-5w7x-4qg2" }, { "vulnerability": "VCID-va34-kurf-uycj" }, { "vulnerability": "VCID-va3j-erp3-3ugy" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-wgxa-54sd-rqd6" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yegk-sgdn-z3ae" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-ysg5-wc3n-fbgw" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z4ad-5vm8-t3g2" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-1957" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-19cb-y1de-u3bn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56761?format=api", "vulnerability_id": "VCID-1tcx-3zn1-ykdq", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2946.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2946.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9904.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9904.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9904", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01192", "scoring_system": "epss", "scoring_elements": "0.78845", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01192", "scoring_system": "epss", "scoring_elements": "0.78854", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01192", "scoring_system": "epss", "scoring_elements": "0.78797", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01192", "scoring_system": "epss", "scoring_elements": "0.78871", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01192", "scoring_system": "epss", "scoring_elements": "0.78848", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01192", "scoring_system": "epss", "scoring_elements": "0.78841", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01192", "scoring_system": "epss", "scoring_elements": "0.78816", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01192", "scoring_system": "epss", "scoring_elements": "0.78833", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01192", "scoring_system": "epss", "scoring_elements": "0.78804", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9904" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1317936", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1317936" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3757" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-94/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-94/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-95/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-95/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-96/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-96/" }, { "reference_url": "http://www.securityfocus.com/bid/94885", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/94885" }, { "reference_url": "http://www.securitytracker.com/id/1037461", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037461" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404091", "reference_id": "1404091", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404091" }, { "reference_url": "https://security.archlinux.org/ASA-201612-15", "reference_id": "ASA-201612-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-15" }, { "reference_url": "https://security.archlinux.org/AVG-106", "reference_id": "AVG-106", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-106" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9904", "reference_id": "CVE-2016-9904", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9904" }, { "reference_url": "https://security.gentoo.org/glsa/201701-15", "reference_id": "GLSA-201701-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94", "reference_id": "mfsa2016-94", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95", "reference_id": "mfsa2016-95", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96", "reference_id": "mfsa2016-96", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2946", "reference_id": "RHSA-2016:2946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2946" }, { "reference_url": "https://usn.ubuntu.com/3155-1/", "reference_id": "USN-3155-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3155-1/" }, { "reference_url": "https://usn.ubuntu.com/3165-1/", "reference_id": "USN-3165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3165-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-9904" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1tcx-3zn1-ykdq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56754?format=api", "vulnerability_id": "VCID-2ptm-gx1p-uyhf", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2946.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2946.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9897.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9897.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9897", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0395", "scoring_system": "epss", "scoring_elements": "0.88353", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0395", "scoring_system": "epss", "scoring_elements": "0.88361", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0395", "scoring_system": "epss", "scoring_elements": "0.88298", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0395", "scoring_system": "epss", "scoring_elements": "0.88351", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0395", "scoring_system": "epss", "scoring_elements": "0.88344", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0395", "scoring_system": "epss", "scoring_elements": "0.88325", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0395", "scoring_system": "epss", "scoring_elements": "0.88306", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0395", "scoring_system": "epss", "scoring_elements": "0.8832", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9897" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1301381", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1301381" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3757" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-94/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-94/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-95/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-95/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-96/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-96/" }, { "reference_url": "http://www.securityfocus.com/bid/94885", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/94885" }, { "reference_url": "http://www.securitytracker.com/id/1037461", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037461" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404087", "reference_id": "1404087", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404087" }, { "reference_url": "https://security.archlinux.org/ASA-201612-15", "reference_id": "ASA-201612-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-15" }, { "reference_url": "https://security.archlinux.org/AVG-106", "reference_id": "AVG-106", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-106" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9897", "reference_id": "CVE-2016-9897", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9897" }, { "reference_url": "https://security.gentoo.org/glsa/201701-15", "reference_id": "GLSA-201701-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94", "reference_id": "mfsa2016-94", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95", "reference_id": "mfsa2016-95", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96", "reference_id": "mfsa2016-96", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2946", "reference_id": "RHSA-2016:2946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2946" }, { "reference_url": "https://usn.ubuntu.com/3155-1/", "reference_id": "USN-3155-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3155-1/" }, { "reference_url": "https://usn.ubuntu.com/3165-1/", "reference_id": "USN-3165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3165-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-9897" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2ptm-gx1p-uyhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56746?format=api", "vulnerability_id": "VCID-3dea-vjmc-b7eb", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2780.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2780.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5297.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5297.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5297", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01818", "scoring_system": "epss", "scoring_elements": "0.8286", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01818", "scoring_system": "epss", "scoring_elements": "0.82864", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01818", "scoring_system": "epss", "scoring_elements": "0.82795", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01818", "scoring_system": "epss", "scoring_elements": "0.82869", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01818", "scoring_system": "epss", "scoring_elements": "0.82853", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01818", "scoring_system": "epss", "scoring_elements": "0.82846", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01818", "scoring_system": "epss", "scoring_elements": "0.82821", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01818", "scoring_system": "epss", "scoring_elements": "0.82825", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01818", "scoring_system": "epss", "scoring_elements": "0.82812", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5297" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1303678", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1303678" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2016/dsa-3730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2016/dsa-3730" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-89/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-89/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-90/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-90/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-93/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-93/" }, { "reference_url": "http://www.securityfocus.com/bid/94336", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/94336" }, { "reference_url": "http://www.securitytracker.com/id/1037298", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037298" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395058", "reference_id": "1395058", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395058" }, { "reference_url": "https://security.archlinux.org/ASA-201611-16", "reference_id": "ASA-201611-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-16" }, { "reference_url": "https://security.archlinux.org/AVG-72", "reference_id": "AVG-72", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-72" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5297", "reference_id": "CVE-2016-5297", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5297" }, { "reference_url": "https://security.gentoo.org/glsa/201701-15", "reference_id": "GLSA-201701-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90", "reference_id": "mfsa2016-90", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93", "reference_id": "mfsa2016-93", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2780", "reference_id": "RHSA-2016:2780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2780" }, { "reference_url": "https://usn.ubuntu.com/3124-1/", "reference_id": "USN-3124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3124-1/" }, { "reference_url": "https://usn.ubuntu.com/3141-1/", "reference_id": "USN-3141-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3141-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-5297" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3dea-vjmc-b7eb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31911?format=api", "vulnerability_id": "VCID-3ehk-593t-abcp", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5408.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5408.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77717", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77718", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77734", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77658", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77675", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77703", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77665", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77692", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01068", "scoring_system": "epss", "scoring_elements": "0.77708", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5408" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1313711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1313711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96693" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429784", "reference_id": "1429784", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429784" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5408", "reference_id": "CVE-2017-5408", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5408" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5408" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ehk-593t-abcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31904?format=api", "vulnerability_id": "VCID-3nup-1513-ybaq", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5400.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5400.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.76973", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.76978", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.76999", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.76909", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.76928", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.7696", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.76915", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.76945", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00999", "scoring_system": "epss", "scoring_elements": "0.76971", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5400" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1334933", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1334933" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96654", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96654" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429778", "reference_id": "1429778", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429778" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5400", "reference_id": "CVE-2017-5400", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5400" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5400" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3nup-1513-ybaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31912?format=api", "vulnerability_id": "VCID-3tww-nhmh-gua6", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5410.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5410.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.8544", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85443", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85445", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85367", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85401", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85422", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85379", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85398", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02531", "scoring_system": "epss", "scoring_elements": "0.85431", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5410" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1330687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1330687" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96693" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429783", "reference_id": "1429783", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429783" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5410", "reference_id": "CVE-2017-5410", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5410" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5410" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3tww-nhmh-gua6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43507?format=api", "vulnerability_id": "VCID-4azu-y4y6-nyff", "summary": "Multiple vulnerabilities have been found in Graphite, the worst of\n which could lead to the remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2794.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2794.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2794", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75288", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75235", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.753", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75321", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75299", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75238", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.7527", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75247", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00875", "scoring_system": "epss", "scoring_elements": "0.75289", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2794" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1243526", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1243526" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3510" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3515" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3520" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securityfocus.com/bid/84222", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/84222" }, { "reference_url": "http://www.securitytracker.com/id/1035215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035215" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-3" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2927-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2927-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2934-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2934-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795", "reference_id": "1315795", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2794", "reference_id": "CVE-2016-2794", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2794" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://security.gentoo.org/glsa/201701-63", "reference_id": "GLSA-201701-63", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-63" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0373", "reference_id": "RHSA-2016:0373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0460", "reference_id": "RHSA-2016:0460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0460" }, { "reference_url": "https://usn.ubuntu.com/2917-1/", "reference_id": "USN-2917-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2917-1/" }, { "reference_url": "https://usn.ubuntu.com/2927-1/", "reference_id": "USN-2927-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2927-1/" }, { "reference_url": "https://usn.ubuntu.com/2934-1/", "reference_id": "USN-2934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571079?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19cb-y1de-u3bn" }, { "vulnerability": "VCID-1tcx-3zn1-ykdq" }, { "vulnerability": "VCID-2ptm-gx1p-uyhf" }, { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-3dea-vjmc-b7eb" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4azu-y4y6-nyff" }, { "vulnerability": "VCID-4d2q-usge-77ft" }, { "vulnerability": "VCID-4hnb-y6bt-4fb1" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-545u-wnrj-z3dh" }, { "vulnerability": "VCID-5dyh-s3yd-vqes" }, { "vulnerability": "VCID-5n3q-eby7-67de" }, { "vulnerability": "VCID-5wqt-2dtu-8qa4" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-67my-umrg-wkgm" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-84kk-wfxx-t3c8" }, { "vulnerability": "VCID-86q8-2yv7-efez" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-avw6-7aqv-hbaa" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-bjyq-1zfk-eugq" }, { "vulnerability": "VCID-bp6q-cu6s-2ke7" }, { "vulnerability": "VCID-bwm1-yauc-xudu" }, { "vulnerability": "VCID-c3ex-zw8a-6bcy" }, { "vulnerability": "VCID-c83b-ttr4-83em" }, { "vulnerability": "VCID-c8p3-ef58-wudt" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-dk4z-1j37-aucx" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecm1-2298-mkfm" }, { "vulnerability": "VCID-ekxy-vaed-u7cg" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-fjam-jfc1-pkbv" }, { "vulnerability": "VCID-gcen-3yba-a3ht" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-hyhc-qud7-6uax" }, { "vulnerability": "VCID-j2ga-ggcd-fkg1" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-j6x8-vnns-1yfg" }, { "vulnerability": "VCID-j7wt-w5x2-nye4" }, { "vulnerability": "VCID-jfw1-18np-47b8" }, { "vulnerability": "VCID-js15-jev6-6fbs" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-k131-mfqm-dka9" }, { "vulnerability": "VCID-k5hu-n47k-wffm" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-m59v-ygc2-qucg" }, { "vulnerability": "VCID-mupu-c1j2-xkgs" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-nr84-88hy-6fah" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pbrt-gcqj-kycv" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q4x5-dz5r-jqgr" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-qptm-f15t-57gj" }, { "vulnerability": "VCID-qtp4-ada6-tydd" }, { "vulnerability": "VCID-qu91-vc1p-dyb1" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-rsda-j27d-8bdc" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-tb9n-zfut-ubht" }, { "vulnerability": "VCID-tgya-wnfn-t7eb" }, { "vulnerability": "VCID-tjjd-y1pq-ckf4" }, { "vulnerability": "VCID-ut8d-5w7x-4qg2" }, { "vulnerability": "VCID-va34-kurf-uycj" }, { "vulnerability": "VCID-va3j-erp3-3ugy" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-wgxa-54sd-rqd6" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yegk-sgdn-z3ae" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-ysg5-wc3n-fbgw" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z4ad-5vm8-t3g2" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2794" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4azu-y4y6-nyff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56755?format=api", "vulnerability_id": "VCID-4d2q-usge-77ft", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2946.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2946.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9898.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9898.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9898", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02604", "scoring_system": "epss", "scoring_elements": "0.85622", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02604", "scoring_system": "epss", "scoring_elements": "0.85626", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02604", "scoring_system": "epss", "scoring_elements": "0.8555", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02604", "scoring_system": "epss", "scoring_elements": "0.85629", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02604", "scoring_system": "epss", "scoring_elements": "0.85616", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02604", "scoring_system": "epss", "scoring_elements": "0.85605", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02604", "scoring_system": "epss", "scoring_elements": "0.85585", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02604", "scoring_system": "epss", "scoring_elements": "0.8558", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02604", "scoring_system": "epss", "scoring_elements": "0.85562", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9898" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1314442", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1314442" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3757" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-94/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-94/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-95/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-95/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-96/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-96/" }, { "reference_url": "http://www.securityfocus.com/bid/94885", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/94885" }, { "reference_url": "http://www.securitytracker.com/id/1037461", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037461" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404089", "reference_id": "1404089", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404089" }, { "reference_url": "https://security.archlinux.org/ASA-201612-15", "reference_id": "ASA-201612-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-15" }, { "reference_url": "https://security.archlinux.org/AVG-106", "reference_id": "AVG-106", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-106" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9898", "reference_id": "CVE-2016-9898", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9898" }, { "reference_url": "https://security.gentoo.org/glsa/201701-15", "reference_id": "GLSA-201701-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94", "reference_id": "mfsa2016-94", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95", "reference_id": "mfsa2016-95", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96", "reference_id": "mfsa2016-96", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2946", "reference_id": "RHSA-2016:2946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2946" }, { "reference_url": "https://usn.ubuntu.com/3155-1/", "reference_id": "USN-3155-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3155-1/" }, { "reference_url": "https://usn.ubuntu.com/3165-1/", "reference_id": "USN-3165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3165-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-9898" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4d2q-usge-77ft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43521?format=api", "vulnerability_id": "VCID-4hnb-y6bt-4fb1", "summary": "Multiple vulnerabilities have been found in Graphite, the worst of\n which could lead to the remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2798.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2798.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2798", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68422", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68356", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.6844", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68467", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68455", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68377", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68396", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68373", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68423", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2798" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1248805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1248805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3510" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3515" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3520" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securityfocus.com/bid/84222", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/84222" }, { "reference_url": "http://www.securitytracker.com/id/1035215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035215" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-3" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2927-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2927-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2934-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2934-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795", "reference_id": "1315795", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2798", "reference_id": "CVE-2016-2798", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2798" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://security.gentoo.org/glsa/201701-63", "reference_id": "GLSA-201701-63", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-63" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0373", "reference_id": "RHSA-2016:0373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0460", "reference_id": "RHSA-2016:0460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0460" }, { "reference_url": "https://usn.ubuntu.com/2917-1/", "reference_id": "USN-2917-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2917-1/" }, { "reference_url": "https://usn.ubuntu.com/2927-1/", "reference_id": "USN-2927-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2927-1/" }, { "reference_url": "https://usn.ubuntu.com/2934-1/", "reference_id": "USN-2934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571079?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19cb-y1de-u3bn" }, { "vulnerability": "VCID-1tcx-3zn1-ykdq" }, { "vulnerability": "VCID-2ptm-gx1p-uyhf" }, { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-3dea-vjmc-b7eb" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4azu-y4y6-nyff" }, { "vulnerability": "VCID-4d2q-usge-77ft" }, { "vulnerability": "VCID-4hnb-y6bt-4fb1" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-545u-wnrj-z3dh" }, { "vulnerability": "VCID-5dyh-s3yd-vqes" }, { "vulnerability": "VCID-5n3q-eby7-67de" }, { "vulnerability": "VCID-5wqt-2dtu-8qa4" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-67my-umrg-wkgm" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-84kk-wfxx-t3c8" }, { "vulnerability": "VCID-86q8-2yv7-efez" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-avw6-7aqv-hbaa" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-bjyq-1zfk-eugq" }, { "vulnerability": "VCID-bp6q-cu6s-2ke7" }, { "vulnerability": "VCID-bwm1-yauc-xudu" }, { "vulnerability": "VCID-c3ex-zw8a-6bcy" }, { "vulnerability": "VCID-c83b-ttr4-83em" }, { "vulnerability": "VCID-c8p3-ef58-wudt" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-dk4z-1j37-aucx" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecm1-2298-mkfm" }, { "vulnerability": "VCID-ekxy-vaed-u7cg" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-fjam-jfc1-pkbv" }, { "vulnerability": "VCID-gcen-3yba-a3ht" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-hyhc-qud7-6uax" }, { "vulnerability": "VCID-j2ga-ggcd-fkg1" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-j6x8-vnns-1yfg" }, { "vulnerability": "VCID-j7wt-w5x2-nye4" }, { "vulnerability": "VCID-jfw1-18np-47b8" }, { "vulnerability": "VCID-js15-jev6-6fbs" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-k131-mfqm-dka9" }, { "vulnerability": "VCID-k5hu-n47k-wffm" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-m59v-ygc2-qucg" }, { "vulnerability": "VCID-mupu-c1j2-xkgs" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-nr84-88hy-6fah" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pbrt-gcqj-kycv" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q4x5-dz5r-jqgr" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-qptm-f15t-57gj" }, { "vulnerability": "VCID-qtp4-ada6-tydd" }, { "vulnerability": "VCID-qu91-vc1p-dyb1" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-rsda-j27d-8bdc" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-tb9n-zfut-ubht" }, { "vulnerability": "VCID-tgya-wnfn-t7eb" }, { "vulnerability": "VCID-tjjd-y1pq-ckf4" }, { "vulnerability": "VCID-ut8d-5w7x-4qg2" }, { "vulnerability": "VCID-va34-kurf-uycj" }, { "vulnerability": "VCID-va3j-erp3-3ugy" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-wgxa-54sd-rqd6" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yegk-sgdn-z3ae" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-ysg5-wc3n-fbgw" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z4ad-5vm8-t3g2" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2798" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4hnb-y6bt-4fb1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56742?format=api", "vulnerability_id": "VCID-545u-wnrj-z3dh", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2780.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2780.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5291.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5291.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5291", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10895", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10918", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10797", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10951", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.1095", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10897", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10822", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10997", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10932", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5291" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1292159", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1292159" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2016/dsa-3730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2016/dsa-3730" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-89/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-89/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-90/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-90/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-93/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-93/" }, { "reference_url": "http://www.securityfocus.com/bid/94336", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/94336" }, { "reference_url": "http://www.securitytracker.com/id/1037298", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037298" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395065", "reference_id": "1395065", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395065" }, { "reference_url": "https://security.archlinux.org/ASA-201611-16", "reference_id": "ASA-201611-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-16" }, { "reference_url": "https://security.archlinux.org/AVG-72", "reference_id": "AVG-72", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-72" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5291", "reference_id": "CVE-2016-5291", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:C/I:N/A:N" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5291" }, { "reference_url": "https://security.gentoo.org/glsa/201701-15", "reference_id": "GLSA-201701-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90", "reference_id": "mfsa2016-90", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93", "reference_id": "mfsa2016-93", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2780", "reference_id": "RHSA-2016:2780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2780" }, { "reference_url": "https://usn.ubuntu.com/3124-1/", "reference_id": "USN-3124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3124-1/" }, { "reference_url": "https://usn.ubuntu.com/3141-1/", "reference_id": "USN-3141-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3141-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-5291" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-545u-wnrj-z3dh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56753?format=api", "vulnerability_id": "VCID-5dyh-s3yd-vqes", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2946.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2946.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2973.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2973.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9895.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9895.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9895", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72206", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.7222", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72161", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72236", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72213", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72201", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72164", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72186", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72166", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9895" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1312272", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1312272" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3757" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-94/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-94/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-95/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-95/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-96/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-96/" }, { "reference_url": "http://www.securityfocus.com/bid/94885", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/94885" }, { "reference_url": "http://www.securitytracker.com/id/1037461", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037461" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404086", "reference_id": "1404086", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404086" }, { "reference_url": "https://security.archlinux.org/ASA-201612-15", "reference_id": "ASA-201612-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-15" }, { "reference_url": "https://security.archlinux.org/AVG-106", "reference_id": "AVG-106", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-106" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9895", "reference_id": "CVE-2016-9895", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9895" }, { "reference_url": "https://security.gentoo.org/glsa/201701-15", "reference_id": "GLSA-201701-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94", "reference_id": "mfsa2016-94", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95", "reference_id": "mfsa2016-95", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96", "reference_id": "mfsa2016-96", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2946", "reference_id": "RHSA-2016:2946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2973", "reference_id": "RHSA-2016:2973", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2973" }, { "reference_url": "https://usn.ubuntu.com/3155-1/", "reference_id": "USN-3155-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3155-1/" }, { "reference_url": "https://usn.ubuntu.com/3165-1/", "reference_id": "USN-3165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3165-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-9895" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5dyh-s3yd-vqes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41541?format=api", "vulnerability_id": "VCID-5n3q-eby7-67de", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5373.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5373.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82781", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82785", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82714", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.8279", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82774", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82767", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82741", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.8273", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82744", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5373" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1322315%2C1328834%2C1322420%2C1285833%2C1285960%2C1328251%2C1331058%2C1325938%2C1325877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1322315%2C1328834%2C1322420%2C1285833%2C1285960%2C1328251%2C1331058%2C1325938%2C1325877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3771" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-02/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-02/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-03/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-03/" }, { "reference_url": "http://www.securityfocus.com/bid/95762", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95762" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1415924", "reference_id": "1415924", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1415924" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/ASA-201701-40", "reference_id": "ASA-201701-40", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-40" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://security.archlinux.org/AVG-158", "reference_id": "AVG-158", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-158" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5373", "reference_id": "CVE-2017-5373", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5373" }, { "reference_url": "https://security.gentoo.org/glsa/201702-13", "reference_id": "GLSA-201702-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-13" }, { "reference_url": "https://security.gentoo.org/glsa/201702-22", "reference_id": "GLSA-201702-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-22" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02", "reference_id": "mfsa2017-02", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03", "reference_id": "mfsa2017-03", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0190", "reference_id": "RHSA-2017:0190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0238", "reference_id": "RHSA-2017:0238", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0238" }, { "reference_url": "https://usn.ubuntu.com/3165-1/", "reference_id": "USN-3165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3165-1/" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5373" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5n3q-eby7-67de" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51735?format=api", "vulnerability_id": "VCID-5wqt-2dtu-8qa4", "summary": "Multiple vulnerabilities have been found in Firefox, Thunderbird,\n Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n the worst of which may allow remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0495.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0495.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1950.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1950.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01867", "scoring_system": "epss", "scoring_elements": "0.8308", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01867", "scoring_system": "epss", "scoring_elements": "0.83014", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01867", "scoring_system": "epss", "scoring_elements": "0.83067", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01867", "scoring_system": "epss", "scoring_elements": "0.83074", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01867", "scoring_system": "epss", "scoring_elements": "0.8309", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01867", "scoring_system": "epss", "scoring_elements": "0.83084", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01867", "scoring_system": "epss", "scoring_elements": "0.83031", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01867", "scoring_system": "epss", "scoring_elements": "0.83044", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01867", "scoring_system": "epss", "scoring_elements": "0.83042", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1950" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa119", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bto.bluecoat.com/security-advisory/sa119" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1245528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1245528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802" }, { "reference_url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2.3_release_notes", "reference_id": "", "reference_type": "", "scores": [], "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2.3_release_notes" }, { "reference_url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.1_release_notes", "reference_id": "", "reference_type": "", "scores": [], "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.1_release_notes" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.apple.com/HT206166", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206166" }, { "reference_url": "https://support.apple.com/HT206167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206167" }, { "reference_url": "https://support.apple.com/HT206168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206168" }, { "reference_url": "https://support.apple.com/HT206169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206169" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3510" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3520" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3688", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3688" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-35.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-35.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "reference_url": "http://www.securityfocus.com/bid/84223", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/84223" }, { "reference_url": "http://www.securitytracker.com/id/1035215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035215" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-3" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2924-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2924-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2934-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2934-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310509", "reference_id": "1310509", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310509" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.19.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:network_security_services:3.19.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.19.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:network_security_services:3.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.20.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:network_security_services:3.20.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.20.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:network_security_services:3.21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:3.21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:glassfish_server:2.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:glassfish_server:2.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:glassfish_server:2.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:iplanet_web_proxy_server:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:iplanet_web_proxy_server:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:iplanet_web_proxy_server:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:iplanet_web_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:iplanet_web_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:iplanet_web_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:vm_server:3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1950", "reference_id": "CVE-2016-1950", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1950" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-35", "reference_id": "mfsa2016-35", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-35" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0370", "reference_id": "RHSA-2016:0370", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0371", "reference_id": "RHSA-2016:0371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0495", "reference_id": "RHSA-2016:0495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0495" }, { "reference_url": "https://usn.ubuntu.com/2917-1/", "reference_id": "USN-2917-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2917-1/" }, { "reference_url": "https://usn.ubuntu.com/2924-1/", "reference_id": "USN-2924-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2924-1/" }, { "reference_url": "https://usn.ubuntu.com/2934-1/", "reference_id": "USN-2934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571079?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19cb-y1de-u3bn" }, { "vulnerability": "VCID-1tcx-3zn1-ykdq" }, { "vulnerability": "VCID-2ptm-gx1p-uyhf" }, { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-3dea-vjmc-b7eb" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4azu-y4y6-nyff" }, { "vulnerability": "VCID-4d2q-usge-77ft" }, { "vulnerability": "VCID-4hnb-y6bt-4fb1" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-545u-wnrj-z3dh" }, { "vulnerability": "VCID-5dyh-s3yd-vqes" }, { "vulnerability": "VCID-5n3q-eby7-67de" }, { "vulnerability": "VCID-5wqt-2dtu-8qa4" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-67my-umrg-wkgm" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-84kk-wfxx-t3c8" }, { "vulnerability": "VCID-86q8-2yv7-efez" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-avw6-7aqv-hbaa" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-bjyq-1zfk-eugq" }, { "vulnerability": "VCID-bp6q-cu6s-2ke7" }, { "vulnerability": "VCID-bwm1-yauc-xudu" }, { "vulnerability": "VCID-c3ex-zw8a-6bcy" }, { "vulnerability": "VCID-c83b-ttr4-83em" }, { "vulnerability": "VCID-c8p3-ef58-wudt" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-dk4z-1j37-aucx" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecm1-2298-mkfm" }, { "vulnerability": "VCID-ekxy-vaed-u7cg" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-fjam-jfc1-pkbv" }, { "vulnerability": "VCID-gcen-3yba-a3ht" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-hyhc-qud7-6uax" }, { "vulnerability": "VCID-j2ga-ggcd-fkg1" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-j6x8-vnns-1yfg" }, { "vulnerability": "VCID-j7wt-w5x2-nye4" }, { "vulnerability": "VCID-jfw1-18np-47b8" }, { "vulnerability": "VCID-js15-jev6-6fbs" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-k131-mfqm-dka9" }, { "vulnerability": "VCID-k5hu-n47k-wffm" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-m59v-ygc2-qucg" }, { "vulnerability": "VCID-mupu-c1j2-xkgs" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-nr84-88hy-6fah" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pbrt-gcqj-kycv" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q4x5-dz5r-jqgr" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-qptm-f15t-57gj" }, { "vulnerability": "VCID-qtp4-ada6-tydd" }, { "vulnerability": "VCID-qu91-vc1p-dyb1" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-rsda-j27d-8bdc" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-tb9n-zfut-ubht" }, { "vulnerability": "VCID-tgya-wnfn-t7eb" }, { "vulnerability": "VCID-tjjd-y1pq-ckf4" }, { "vulnerability": "VCID-ut8d-5w7x-4qg2" }, { "vulnerability": "VCID-va34-kurf-uycj" }, { "vulnerability": "VCID-va3j-erp3-3ugy" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-wgxa-54sd-rqd6" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yegk-sgdn-z3ae" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-ysg5-wc3n-fbgw" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z4ad-5vm8-t3g2" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-1950" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5wqt-2dtu-8qa4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31910?format=api", "vulnerability_id": "VCID-667g-8khd-kkhm", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5407.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5407.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.7748", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77484", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77503", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77426", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77438", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77468", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77433", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77458", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01045", "scoring_system": "epss", "scoring_elements": "0.77477", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5407" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1336622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1336622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96693" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429782", "reference_id": "1429782", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429782" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5407", "reference_id": "CVE-2017-5407", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5407" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5407" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-667g-8khd-kkhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43534?format=api", "vulnerability_id": "VCID-67my-umrg-wkgm", "summary": "Multiple vulnerabilities have been found in Graphite, the worst of\n which could lead to the remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2802.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2802.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2802", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68422", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68356", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.6844", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68467", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68455", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68377", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68396", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68373", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68423", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2802" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1248804", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1248804" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3510" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3515" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3520" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securityfocus.com/bid/84222", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/84222" }, { "reference_url": "http://www.securitytracker.com/id/1035215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035215" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-3" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2927-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2927-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2934-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2934-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795", "reference_id": "1315795", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2802", "reference_id": "CVE-2016-2802", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2802" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://security.gentoo.org/glsa/201701-63", "reference_id": "GLSA-201701-63", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-63" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0373", "reference_id": "RHSA-2016:0373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0460", "reference_id": "RHSA-2016:0460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0460" }, { "reference_url": "https://usn.ubuntu.com/2917-1/", "reference_id": "USN-2917-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2917-1/" }, { "reference_url": "https://usn.ubuntu.com/2927-1/", "reference_id": "USN-2927-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2927-1/" }, { "reference_url": "https://usn.ubuntu.com/2934-1/", "reference_id": "USN-2934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571079?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19cb-y1de-u3bn" }, { "vulnerability": "VCID-1tcx-3zn1-ykdq" }, { "vulnerability": "VCID-2ptm-gx1p-uyhf" }, { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-3dea-vjmc-b7eb" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4azu-y4y6-nyff" }, { "vulnerability": "VCID-4d2q-usge-77ft" }, { "vulnerability": "VCID-4hnb-y6bt-4fb1" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-545u-wnrj-z3dh" }, { "vulnerability": "VCID-5dyh-s3yd-vqes" }, { "vulnerability": "VCID-5n3q-eby7-67de" }, { "vulnerability": "VCID-5wqt-2dtu-8qa4" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-67my-umrg-wkgm" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-84kk-wfxx-t3c8" }, { "vulnerability": "VCID-86q8-2yv7-efez" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-avw6-7aqv-hbaa" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-bjyq-1zfk-eugq" }, { "vulnerability": "VCID-bp6q-cu6s-2ke7" }, { "vulnerability": "VCID-bwm1-yauc-xudu" }, { "vulnerability": "VCID-c3ex-zw8a-6bcy" }, { "vulnerability": "VCID-c83b-ttr4-83em" }, { "vulnerability": "VCID-c8p3-ef58-wudt" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-dk4z-1j37-aucx" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecm1-2298-mkfm" }, { "vulnerability": "VCID-ekxy-vaed-u7cg" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-fjam-jfc1-pkbv" }, { "vulnerability": "VCID-gcen-3yba-a3ht" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-hyhc-qud7-6uax" }, { "vulnerability": "VCID-j2ga-ggcd-fkg1" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-j6x8-vnns-1yfg" }, { "vulnerability": "VCID-j7wt-w5x2-nye4" }, { "vulnerability": "VCID-jfw1-18np-47b8" }, { "vulnerability": "VCID-js15-jev6-6fbs" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-k131-mfqm-dka9" }, { "vulnerability": "VCID-k5hu-n47k-wffm" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-m59v-ygc2-qucg" }, { "vulnerability": "VCID-mupu-c1j2-xkgs" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-nr84-88hy-6fah" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pbrt-gcqj-kycv" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q4x5-dz5r-jqgr" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-qptm-f15t-57gj" }, { "vulnerability": "VCID-qtp4-ada6-tydd" }, { "vulnerability": "VCID-qu91-vc1p-dyb1" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-rsda-j27d-8bdc" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-tb9n-zfut-ubht" }, { "vulnerability": "VCID-tgya-wnfn-t7eb" }, { "vulnerability": "VCID-tjjd-y1pq-ckf4" }, { "vulnerability": "VCID-ut8d-5w7x-4qg2" }, { "vulnerability": "VCID-va34-kurf-uycj" }, { "vulnerability": "VCID-va3j-erp3-3ugy" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-wgxa-54sd-rqd6" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yegk-sgdn-z3ae" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-ysg5-wc3n-fbgw" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z4ad-5vm8-t3g2" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2802" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-67my-umrg-wkgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41545?format=api", "vulnerability_id": "VCID-84kk-wfxx-t3c8", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5380.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5380.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82781", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82785", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82714", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.8279", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82774", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82767", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82741", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.8273", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82744", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5380" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1322107", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1322107" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3771" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-02/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-02/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-03/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-03/" }, { "reference_url": "http://www.securityfocus.com/bid/95769", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95769" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416274", "reference_id": "1416274", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416274" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/ASA-201701-40", "reference_id": "ASA-201701-40", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-40" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://security.archlinux.org/AVG-158", "reference_id": "AVG-158", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-158" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5380", "reference_id": "CVE-2017-5380", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5380" }, { "reference_url": "https://security.gentoo.org/glsa/201702-13", "reference_id": "GLSA-201702-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-13" }, { "reference_url": "https://security.gentoo.org/glsa/201702-22", "reference_id": "GLSA-201702-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-22" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02", "reference_id": "mfsa2017-02", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03", "reference_id": "mfsa2017-03", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0190", "reference_id": "RHSA-2017:0190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0238", "reference_id": "RHSA-2017:0238", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0238" }, { "reference_url": "https://usn.ubuntu.com/3165-1/", "reference_id": "USN-3165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3165-1/" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5380" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-84kk-wfxx-t3c8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43503?format=api", "vulnerability_id": "VCID-86q8-2yv7-efez", "summary": "Multiple vulnerabilities have been found in Graphite, the worst of\n which could lead to the remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2790.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2790.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2790", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68422", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68356", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.6844", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68467", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68455", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68377", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68396", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68373", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68423", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2790" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1243464", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1243464" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3510" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3515" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3520" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securityfocus.com/bid/84222", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/84222" }, { "reference_url": "http://www.securitytracker.com/id/1035215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035215" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-3" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2927-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2927-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2934-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2934-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795", "reference_id": "1315795", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2790", "reference_id": "CVE-2016-2790", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2790" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://security.gentoo.org/glsa/201701-63", "reference_id": "GLSA-201701-63", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-63" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0373", "reference_id": "RHSA-2016:0373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0460", "reference_id": "RHSA-2016:0460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0460" }, { "reference_url": "https://usn.ubuntu.com/2917-1/", "reference_id": "USN-2917-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2917-1/" }, { "reference_url": "https://usn.ubuntu.com/2927-1/", "reference_id": "USN-2927-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2927-1/" }, { "reference_url": "https://usn.ubuntu.com/2934-1/", "reference_id": "USN-2934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571079?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19cb-y1de-u3bn" }, { "vulnerability": "VCID-1tcx-3zn1-ykdq" }, { "vulnerability": "VCID-2ptm-gx1p-uyhf" }, { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-3dea-vjmc-b7eb" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4azu-y4y6-nyff" }, { "vulnerability": "VCID-4d2q-usge-77ft" }, { "vulnerability": "VCID-4hnb-y6bt-4fb1" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-545u-wnrj-z3dh" }, { "vulnerability": "VCID-5dyh-s3yd-vqes" }, { "vulnerability": "VCID-5n3q-eby7-67de" }, { "vulnerability": "VCID-5wqt-2dtu-8qa4" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-67my-umrg-wkgm" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-84kk-wfxx-t3c8" }, { "vulnerability": "VCID-86q8-2yv7-efez" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-avw6-7aqv-hbaa" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-bjyq-1zfk-eugq" }, { "vulnerability": "VCID-bp6q-cu6s-2ke7" }, { "vulnerability": "VCID-bwm1-yauc-xudu" }, { "vulnerability": "VCID-c3ex-zw8a-6bcy" }, { "vulnerability": "VCID-c83b-ttr4-83em" }, { "vulnerability": "VCID-c8p3-ef58-wudt" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-dk4z-1j37-aucx" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecm1-2298-mkfm" }, { "vulnerability": "VCID-ekxy-vaed-u7cg" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-fjam-jfc1-pkbv" }, { "vulnerability": "VCID-gcen-3yba-a3ht" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-hyhc-qud7-6uax" }, { "vulnerability": "VCID-j2ga-ggcd-fkg1" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-j6x8-vnns-1yfg" }, { "vulnerability": "VCID-j7wt-w5x2-nye4" }, { "vulnerability": "VCID-jfw1-18np-47b8" }, { "vulnerability": "VCID-js15-jev6-6fbs" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-k131-mfqm-dka9" }, { "vulnerability": "VCID-k5hu-n47k-wffm" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-m59v-ygc2-qucg" }, { "vulnerability": "VCID-mupu-c1j2-xkgs" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-nr84-88hy-6fah" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pbrt-gcqj-kycv" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q4x5-dz5r-jqgr" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-qptm-f15t-57gj" }, { "vulnerability": "VCID-qtp4-ada6-tydd" }, { "vulnerability": "VCID-qu91-vc1p-dyb1" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-rsda-j27d-8bdc" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-tb9n-zfut-ubht" }, { "vulnerability": "VCID-tgya-wnfn-t7eb" }, { "vulnerability": "VCID-tjjd-y1pq-ckf4" }, { "vulnerability": "VCID-ut8d-5w7x-4qg2" }, { "vulnerability": "VCID-va34-kurf-uycj" }, { "vulnerability": "VCID-va3j-erp3-3ugy" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-wgxa-54sd-rqd6" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yegk-sgdn-z3ae" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-ysg5-wc3n-fbgw" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z4ad-5vm8-t3g2" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2790" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-86q8-2yv7-efez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50400?format=api", "vulnerability_id": "VCID-avw6-7aqv-hbaa", "summary": "Multiple vulnerabilities have been found in Mozilla SeaMonkey, the\n worst of which could lead to the remote execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2843.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2843.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2850.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2850.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9079.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9079.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9079", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.84813", "scoring_system": "epss", "scoring_elements": "0.9934", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.84813", "scoring_system": "epss", "scoring_elements": "0.99336", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.84813", "scoring_system": "epss", "scoring_elements": "0.99343", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.84813", "scoring_system": "epss", "scoring_elements": "0.99341", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.84813", "scoring_system": "epss", "scoring_elements": "0.99337", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.84813", "scoring_system": "epss", "scoring_elements": "0.99339", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.84813", "scoring_system": "epss", "scoring_elements": "0.99335", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9079" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1321066", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1321066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-9079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-9079" }, { "reference_url": "https://www.debian.org/security/2016/dsa-3730", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/" } ], "url": "https://www.debian.org/security/2016/dsa-3730" }, { "reference_url": "https://www.exploit-db.com/exploits/41151/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/" } ], "url": "https://www.exploit-db.com/exploits/41151/" }, { "reference_url": "https://www.exploit-db.com/exploits/42327/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/" } ], "url": "https://www.exploit-db.com/exploits/42327/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-92/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2016-92/" }, { "reference_url": "http://www.securityfocus.com/bid/94591", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/" } ], "url": "http://www.securityfocus.com/bid/94591" }, { "reference_url": "http://www.securitytracker.com/id/1037370", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/" } ], "url": "http://www.securitytracker.com/id/1037370" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1400376", "reference_id": "1400376", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1400376" }, { "reference_url": "https://security.archlinux.org/ASA-201612-1", "reference_id": "ASA-201612-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-1" }, { "reference_url": "https://security.archlinux.org/ASA-201612-2", "reference_id": "ASA-201612-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-2" }, { "reference_url": "https://security.archlinux.org/AVG-90", "reference_id": "AVG-90", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-90" }, { "reference_url": "https://security.archlinux.org/AVG-91", "reference_id": "AVG-91", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-91" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:torproject:tor:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:torproject:tor:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:torproject:tor:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://github.com/rapid7/metasploit-framework/blob/f4db90edeb7f03ce1e95f5898954cbea7e13ff6c/modules/exploits/windows/browser/firefox_smil_uaf.rb", "reference_id": "CVE-2016-9079", "reference_type": "exploit", "scores": [], "url": "https://github.com/rapid7/metasploit-framework/blob/f4db90edeb7f03ce1e95f5898954cbea7e13ff6c/modules/exploits/windows/browser/firefox_smil_uaf.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/41151.rb", "reference_id": "CVE-2016-9079", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/41151.rb" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9079", "reference_id": "CVE-2016-9079", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9079" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/42327.html", "reference_id": "CVE-2017-5375;CVE-2016-9079", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/42327.html" }, { "reference_url": "https://rh0dev.github.io/blog/2017/the-return-of-the-jit/", "reference_id": "CVE-2017-5375;CVE-2016-9079", "reference_type": "exploit", "scores": [], "url": "https://rh0dev.github.io/blog/2017/the-return-of-the-jit/" }, { "reference_url": "https://security.gentoo.org/glsa/201701-15", "reference_id": "GLSA-201701-15", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/" } ], "url": "https://security.gentoo.org/glsa/201701-15" }, { "reference_url": "https://security.gentoo.org/glsa/201701-35", "reference_id": "GLSA-201701-35", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T12:50:20Z/" } ], "url": "https://security.gentoo.org/glsa/201701-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-92", "reference_id": "mfsa2016-92", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-92" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2843", "reference_id": "RHSA-2016:2843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2850", "reference_id": "RHSA-2016:2850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2850" }, { "reference_url": "https://usn.ubuntu.com/3140-1/", "reference_id": "USN-3140-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3140-1/" }, { "reference_url": "https://usn.ubuntu.com/3141-1/", "reference_id": "USN-3141-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3141-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-9079" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-avw6-7aqv-hbaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41546?format=api", "vulnerability_id": "VCID-bjyq-1zfk-eugq", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5383.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5383.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85185", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85188", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85113", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.8519", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85176", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85168", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85146", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85126", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02444", "scoring_system": "epss", "scoring_elements": "0.85143", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5383" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1323338", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1323338" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1324716", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1324716" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3771" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-02/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-02/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-03/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-03/" }, { "reference_url": "http://www.securityfocus.com/bid/95769", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95769" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416281", "reference_id": "1416281", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416281" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/ASA-201701-40", "reference_id": "ASA-201701-40", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-40" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://security.archlinux.org/AVG-158", "reference_id": "AVG-158", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-158" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5383", "reference_id": "CVE-2017-5383", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5383" }, { "reference_url": "https://security.gentoo.org/glsa/201702-13", "reference_id": "GLSA-201702-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-13" }, { "reference_url": "https://security.gentoo.org/glsa/201702-22", "reference_id": "GLSA-201702-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-22" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02", "reference_id": "mfsa2017-02", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03", "reference_id": "mfsa2017-03", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0190", "reference_id": "RHSA-2017:0190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0238", "reference_id": "RHSA-2017:0238", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0238" }, { "reference_url": "https://usn.ubuntu.com/3165-1/", "reference_id": "USN-3165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3165-1/" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5383" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bjyq-1zfk-eugq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63481?format=api", "vulnerability_id": "VCID-bp6q-cu6s-2ke7", "summary": "Mozilla developers and community members reported several memory safety bugs in the\nbrowser engine used in Firefox and other Mozilla-based products. Some of these bugs showed\nevidence of memory corruption under certain circumstances, and we presume that with enough\neffort at least some of these could be exploited to run arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2818.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2818.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2818", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60631", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60504", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60627", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60642", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60666", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60652", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60579", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60609", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60578", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2818" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1234147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1234147" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1256493", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1256493" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1256739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1256739" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1256968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1256968" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1261230", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1261230" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1261752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1261752" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1263384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1263384" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1264575", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1264575" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1265577", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1265577" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1267130", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1267130" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1269729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1269729" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1273202", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1273202" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1273701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1273701" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3600", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3600" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3647", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3647" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-49.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-49.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" }, { "reference_url": "http://www.securityfocus.com/bid/91075", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/91075" }, { "reference_url": "http://www.securitytracker.com/id/1036057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036057" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2993-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2993-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-3023-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-3023-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342887", "reference_id": "1342887", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342887" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2818", "reference_id": "CVE-2016-2818", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2818" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2818", "reference_id": "CVE-2016-2818", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2818" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-49", "reference_id": "mfsa2016-49", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-49" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1217", "reference_id": "RHSA-2016:1217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1217" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1392", "reference_id": "RHSA-2016:1392", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1392" }, { "reference_url": "https://usn.ubuntu.com/2993-1/", "reference_id": "USN-2993-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2993-1/" }, { "reference_url": "https://usn.ubuntu.com/3023-1/", "reference_id": "USN-3023-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3023-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2818" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bp6q-cu6s-2ke7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43531?format=api", "vulnerability_id": "VCID-bwm1-yauc-xudu", "summary": "Multiple vulnerabilities have been found in Graphite, the worst of\n which could lead to the remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2801.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2801.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2801", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68422", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68356", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.6844", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68467", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68455", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68377", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68396", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68373", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68423", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2801" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1249920", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1249920" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3510" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3515" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3520" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securityfocus.com/bid/84222", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/84222" }, { "reference_url": "http://www.securitytracker.com/id/1035215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035215" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-3" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2927-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2927-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2934-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2934-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795", "reference_id": "1315795", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2801", "reference_id": "CVE-2016-2801", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2801" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://security.gentoo.org/glsa/201701-63", "reference_id": "GLSA-201701-63", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-63" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0373", "reference_id": "RHSA-2016:0373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0460", "reference_id": "RHSA-2016:0460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0460" }, { "reference_url": "https://usn.ubuntu.com/2917-1/", "reference_id": "USN-2917-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2917-1/" }, { "reference_url": "https://usn.ubuntu.com/2927-1/", "reference_id": "USN-2927-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2927-1/" }, { "reference_url": "https://usn.ubuntu.com/2934-1/", "reference_id": "USN-2934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571079?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19cb-y1de-u3bn" }, { "vulnerability": "VCID-1tcx-3zn1-ykdq" }, { "vulnerability": "VCID-2ptm-gx1p-uyhf" }, { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-3dea-vjmc-b7eb" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4azu-y4y6-nyff" }, { "vulnerability": "VCID-4d2q-usge-77ft" }, { "vulnerability": "VCID-4hnb-y6bt-4fb1" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-545u-wnrj-z3dh" }, { "vulnerability": "VCID-5dyh-s3yd-vqes" }, { "vulnerability": "VCID-5n3q-eby7-67de" }, { "vulnerability": "VCID-5wqt-2dtu-8qa4" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-67my-umrg-wkgm" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-84kk-wfxx-t3c8" }, { "vulnerability": "VCID-86q8-2yv7-efez" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-avw6-7aqv-hbaa" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-bjyq-1zfk-eugq" }, { "vulnerability": "VCID-bp6q-cu6s-2ke7" }, { "vulnerability": "VCID-bwm1-yauc-xudu" }, { "vulnerability": "VCID-c3ex-zw8a-6bcy" }, { "vulnerability": "VCID-c83b-ttr4-83em" }, { "vulnerability": "VCID-c8p3-ef58-wudt" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-dk4z-1j37-aucx" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecm1-2298-mkfm" }, { "vulnerability": "VCID-ekxy-vaed-u7cg" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-fjam-jfc1-pkbv" }, { "vulnerability": "VCID-gcen-3yba-a3ht" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-hyhc-qud7-6uax" }, { "vulnerability": "VCID-j2ga-ggcd-fkg1" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-j6x8-vnns-1yfg" }, { "vulnerability": "VCID-j7wt-w5x2-nye4" }, { "vulnerability": "VCID-jfw1-18np-47b8" }, { "vulnerability": "VCID-js15-jev6-6fbs" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-k131-mfqm-dka9" }, { "vulnerability": "VCID-k5hu-n47k-wffm" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-m59v-ygc2-qucg" }, { "vulnerability": "VCID-mupu-c1j2-xkgs" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-nr84-88hy-6fah" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pbrt-gcqj-kycv" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q4x5-dz5r-jqgr" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-qptm-f15t-57gj" }, { "vulnerability": "VCID-qtp4-ada6-tydd" }, { "vulnerability": "VCID-qu91-vc1p-dyb1" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-rsda-j27d-8bdc" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-tb9n-zfut-ubht" }, { "vulnerability": "VCID-tgya-wnfn-t7eb" }, { "vulnerability": "VCID-tjjd-y1pq-ckf4" }, { "vulnerability": "VCID-ut8d-5w7x-4qg2" }, { "vulnerability": "VCID-va34-kurf-uycj" }, { "vulnerability": "VCID-va3j-erp3-3ugy" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-wgxa-54sd-rqd6" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yegk-sgdn-z3ae" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-ysg5-wc3n-fbgw" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z4ad-5vm8-t3g2" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2801" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bwm1-yauc-xudu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56696?format=api", "vulnerability_id": "VCID-c3ex-zw8a-6bcy", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5257.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5257.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5257", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.75778", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.75768", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.75779", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.75803", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.75784", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.75721", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.75724", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.75755", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00909", "scoring_system": "epss", "scoring_elements": "0.75733", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5257" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5272" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5274" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5276" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5278" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5280" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5284" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377543", "reference_id": "1377543", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377543" }, { "reference_url": "https://security.archlinux.org/ASA-201609-22", "reference_id": "ASA-201609-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201609-22" }, { "reference_url": "https://security.archlinux.org/AVG-24", "reference_id": "AVG-24", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-24" }, { "reference_url": "https://security.gentoo.org/glsa/201701-15", "reference_id": "GLSA-201701-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-85", "reference_id": "mfsa2016-85", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-85" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-86", "reference_id": "mfsa2016-86", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-86" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-88", "reference_id": "mfsa2016-88", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-88" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1912", "reference_id": "RHSA-2016:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1985", "reference_id": "RHSA-2016:1985", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1985" }, { "reference_url": "https://usn.ubuntu.com/3076-1/", "reference_id": "USN-3076-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3076-1/" }, { "reference_url": "https://usn.ubuntu.com/3112-1/", "reference_id": "USN-3112-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3112-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-5257" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c3ex-zw8a-6bcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43513?format=api", "vulnerability_id": "VCID-c83b-ttr4-83em", "summary": "Multiple vulnerabilities have been found in Graphite, the worst of\n which could lead to the remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2797.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2797.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2797", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.6834", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68276", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.6836", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68386", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68373", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68296", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68316", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68292", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68343", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2797" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1243823", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1243823" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3510" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3515" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3520" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securityfocus.com/bid/84222", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/84222" }, { "reference_url": "http://www.securitytracker.com/id/1035215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035215" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-3" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2927-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2927-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2934-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2934-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795", "reference_id": "1315795", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2797", "reference_id": "CVE-2016-2797", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2797" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://security.gentoo.org/glsa/201701-63", "reference_id": "GLSA-201701-63", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-63" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0373", "reference_id": "RHSA-2016:0373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0460", "reference_id": "RHSA-2016:0460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0460" }, { "reference_url": "https://usn.ubuntu.com/2917-1/", "reference_id": "USN-2917-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2917-1/" }, { "reference_url": "https://usn.ubuntu.com/2927-1/", "reference_id": "USN-2927-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2927-1/" }, { "reference_url": "https://usn.ubuntu.com/2934-1/", "reference_id": "USN-2934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571079?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19cb-y1de-u3bn" }, { "vulnerability": "VCID-1tcx-3zn1-ykdq" }, { "vulnerability": "VCID-2ptm-gx1p-uyhf" }, { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-3dea-vjmc-b7eb" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4azu-y4y6-nyff" }, { "vulnerability": "VCID-4d2q-usge-77ft" }, { "vulnerability": "VCID-4hnb-y6bt-4fb1" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-545u-wnrj-z3dh" }, { "vulnerability": "VCID-5dyh-s3yd-vqes" }, { "vulnerability": "VCID-5n3q-eby7-67de" }, { "vulnerability": "VCID-5wqt-2dtu-8qa4" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-67my-umrg-wkgm" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-84kk-wfxx-t3c8" }, { "vulnerability": "VCID-86q8-2yv7-efez" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-avw6-7aqv-hbaa" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-bjyq-1zfk-eugq" }, { "vulnerability": "VCID-bp6q-cu6s-2ke7" }, { "vulnerability": "VCID-bwm1-yauc-xudu" }, { "vulnerability": "VCID-c3ex-zw8a-6bcy" }, { "vulnerability": "VCID-c83b-ttr4-83em" }, { "vulnerability": "VCID-c8p3-ef58-wudt" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-dk4z-1j37-aucx" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecm1-2298-mkfm" }, { "vulnerability": "VCID-ekxy-vaed-u7cg" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-fjam-jfc1-pkbv" }, { "vulnerability": "VCID-gcen-3yba-a3ht" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-hyhc-qud7-6uax" }, { "vulnerability": "VCID-j2ga-ggcd-fkg1" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-j6x8-vnns-1yfg" }, { "vulnerability": "VCID-j7wt-w5x2-nye4" }, { "vulnerability": "VCID-jfw1-18np-47b8" }, { "vulnerability": "VCID-js15-jev6-6fbs" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-k131-mfqm-dka9" }, { "vulnerability": "VCID-k5hu-n47k-wffm" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-m59v-ygc2-qucg" }, { "vulnerability": "VCID-mupu-c1j2-xkgs" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-nr84-88hy-6fah" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pbrt-gcqj-kycv" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q4x5-dz5r-jqgr" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-qptm-f15t-57gj" }, { "vulnerability": "VCID-qtp4-ada6-tydd" }, { "vulnerability": "VCID-qu91-vc1p-dyb1" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-rsda-j27d-8bdc" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-tb9n-zfut-ubht" }, { "vulnerability": "VCID-tgya-wnfn-t7eb" }, { "vulnerability": "VCID-tjjd-y1pq-ckf4" }, { "vulnerability": "VCID-ut8d-5w7x-4qg2" }, { "vulnerability": "VCID-va34-kurf-uycj" }, { "vulnerability": "VCID-va3j-erp3-3ugy" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-wgxa-54sd-rqd6" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yegk-sgdn-z3ae" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-ysg5-wc3n-fbgw" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z4ad-5vm8-t3g2" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2797" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c83b-ttr4-83em" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41543?format=api", "vulnerability_id": "VCID-c8p3-ef58-wudt", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5376.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5376.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82781", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82785", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82714", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.8279", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82774", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82767", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82741", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.8273", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.82744", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5376" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1311687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1311687" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3771" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-02/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-02/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-03/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-03/" }, { "reference_url": "http://www.securityfocus.com/bid/95758", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95758" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416272", "reference_id": "1416272", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416272" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/ASA-201701-40", "reference_id": "ASA-201701-40", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-40" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://security.archlinux.org/AVG-158", "reference_id": "AVG-158", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-158" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5376", "reference_id": "CVE-2017-5376", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5376" }, { "reference_url": "https://security.gentoo.org/glsa/201702-13", "reference_id": "GLSA-201702-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-13" }, { "reference_url": "https://security.gentoo.org/glsa/201702-22", "reference_id": "GLSA-201702-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-22" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02", "reference_id": "mfsa2017-02", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03", "reference_id": "mfsa2017-03", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0190", "reference_id": "RHSA-2017:0190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0238", "reference_id": "RHSA-2017:0238", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0238" }, { "reference_url": "https://usn.ubuntu.com/3165-1/", "reference_id": "USN-3165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3165-1/" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5376" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c8p3-ef58-wudt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51785?format=api", "vulnerability_id": "VCID-dk4z-1j37-aucx", "summary": "Multiple vulnerabilities have been found in Firefox, Thunderbird,\n Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n the worst of which may allow remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0591.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0591.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0684.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0684.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0685.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0685.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1979.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1979.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1979", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00707", "scoring_system": "epss", "scoring_elements": "0.72159", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00707", "scoring_system": "epss", "scoring_elements": "0.72113", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00707", "scoring_system": "epss", "scoring_elements": "0.72165", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00707", "scoring_system": "epss", "scoring_elements": "0.72188", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00707", "scoring_system": "epss", "scoring_elements": "0.72172", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00707", "scoring_system": "epss", "scoring_elements": "0.72119", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00707", "scoring_system": "epss", "scoring_elements": "0.72139", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00707", "scoring_system": "epss", "scoring_elements": "0.72117", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00707", "scoring_system": "epss", "scoring_elements": "0.72153", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1979" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa124", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bto.bluecoat.com/security-advisory/sa124" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1185033", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1185033" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807" }, { "reference_url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.1_release_notes", "reference_id": "", "reference_type": "", "scores": [], "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.1_release_notes" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3576", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3576" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3688", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3688" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-36.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-36.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "reference_url": "http://www.securityfocus.com/bid/84221", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/84221" }, { "reference_url": "http://www.securitytracker.com/id/1035215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035215" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2973-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2973-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315202", "reference_id": "1315202", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315202" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979", "reference_id": "CVE-2016-1979", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1979", "reference_id": "CVE-2016-1979", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1979" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-36", "reference_id": "mfsa2016-36", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0591", "reference_id": "RHSA-2016:0591", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0591" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0684", "reference_id": "RHSA-2016:0684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0685", "reference_id": "RHSA-2016:0685", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0685" }, { "reference_url": "https://usn.ubuntu.com/2973-1/", "reference_id": "USN-2973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-1979" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dk4z-1j37-aucx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31905?format=api", "vulnerability_id": "VCID-dxr7-qubc-tyb7", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5401.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5401.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84414", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84418", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84425", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84343", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.8438", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84402", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84357", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84378", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02199", "scoring_system": "epss", "scoring_elements": "0.84407", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5401" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1328861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1328861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96677", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96677" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429779", "reference_id": "1429779", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429779" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5401", "reference_id": "CVE-2017-5401", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5401" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5401" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dxr7-qubc-tyb7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43524?format=api", "vulnerability_id": "VCID-ecm1-2298-mkfm", "summary": "Multiple vulnerabilities have been found in Graphite, the worst of\n which could lead to the remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2799.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2799.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2799", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.70703", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.7064", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.70712", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.70735", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.70718", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.70655", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.70673", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.70651", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.70696", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2799" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1249081", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1249081" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3510" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3515" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3520" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securityfocus.com/bid/84222", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/84222" }, { "reference_url": "http://www.securitytracker.com/id/1035215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035215" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-3" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2927-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2927-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2934-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2934-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795", "reference_id": "1315795", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2799", "reference_id": "CVE-2016-2799", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2799" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://security.gentoo.org/glsa/201701-63", "reference_id": "GLSA-201701-63", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-63" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0373", "reference_id": "RHSA-2016:0373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0460", "reference_id": "RHSA-2016:0460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0460" }, { "reference_url": "https://usn.ubuntu.com/2917-1/", "reference_id": "USN-2917-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2917-1/" }, { "reference_url": "https://usn.ubuntu.com/2927-1/", "reference_id": "USN-2927-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2927-1/" }, { "reference_url": "https://usn.ubuntu.com/2934-1/", "reference_id": "USN-2934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571079?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19cb-y1de-u3bn" }, { "vulnerability": "VCID-1tcx-3zn1-ykdq" }, { "vulnerability": "VCID-2ptm-gx1p-uyhf" }, { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-3dea-vjmc-b7eb" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4azu-y4y6-nyff" }, { "vulnerability": "VCID-4d2q-usge-77ft" }, { "vulnerability": "VCID-4hnb-y6bt-4fb1" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-545u-wnrj-z3dh" }, { "vulnerability": "VCID-5dyh-s3yd-vqes" }, { "vulnerability": "VCID-5n3q-eby7-67de" }, { "vulnerability": "VCID-5wqt-2dtu-8qa4" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-67my-umrg-wkgm" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-84kk-wfxx-t3c8" }, { "vulnerability": "VCID-86q8-2yv7-efez" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-avw6-7aqv-hbaa" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-bjyq-1zfk-eugq" }, { "vulnerability": "VCID-bp6q-cu6s-2ke7" }, { "vulnerability": "VCID-bwm1-yauc-xudu" }, { "vulnerability": "VCID-c3ex-zw8a-6bcy" }, { "vulnerability": "VCID-c83b-ttr4-83em" }, { "vulnerability": "VCID-c8p3-ef58-wudt" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-dk4z-1j37-aucx" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecm1-2298-mkfm" }, { "vulnerability": "VCID-ekxy-vaed-u7cg" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-fjam-jfc1-pkbv" }, { "vulnerability": "VCID-gcen-3yba-a3ht" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-hyhc-qud7-6uax" }, { "vulnerability": "VCID-j2ga-ggcd-fkg1" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-j6x8-vnns-1yfg" }, { "vulnerability": "VCID-j7wt-w5x2-nye4" }, { "vulnerability": "VCID-jfw1-18np-47b8" }, { "vulnerability": "VCID-js15-jev6-6fbs" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-k131-mfqm-dka9" }, { "vulnerability": "VCID-k5hu-n47k-wffm" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-m59v-ygc2-qucg" }, { "vulnerability": "VCID-mupu-c1j2-xkgs" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-nr84-88hy-6fah" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pbrt-gcqj-kycv" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q4x5-dz5r-jqgr" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-qptm-f15t-57gj" }, { "vulnerability": "VCID-qtp4-ada6-tydd" }, { "vulnerability": "VCID-qu91-vc1p-dyb1" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-rsda-j27d-8bdc" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-tb9n-zfut-ubht" }, { "vulnerability": "VCID-tgya-wnfn-t7eb" }, { "vulnerability": "VCID-tjjd-y1pq-ckf4" }, { "vulnerability": "VCID-ut8d-5w7x-4qg2" }, { "vulnerability": "VCID-va34-kurf-uycj" }, { "vulnerability": "VCID-va3j-erp3-3ugy" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-wgxa-54sd-rqd6" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yegk-sgdn-z3ae" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-ysg5-wc3n-fbgw" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z4ad-5vm8-t3g2" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2799" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ecm1-2298-mkfm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56751?format=api", "vulnerability_id": "VCID-ekxy-vaed-u7cg", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9074.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9074.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9074", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79091", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79074", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79059", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79083", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.7909", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79115", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79101", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79041", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79047", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9074" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1293334", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1293334" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2016/dsa-3730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2016/dsa-3730" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-89/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-89/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-90/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-90/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-93/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-93/" }, { "reference_url": "http://www.securityfocus.com/bid/94341", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/94341" }, { "reference_url": "http://www.securitytracker.com/id/1037298", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037298" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1396548", "reference_id": "1396548", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1396548" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9074", "reference_id": "CVE-2016-9074", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9074" }, { "reference_url": "https://security.gentoo.org/glsa/201701-15", "reference_id": "GLSA-201701-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-15" }, { "reference_url": "https://security.gentoo.org/glsa/201701-46", "reference_id": "GLSA-201701-46", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-46" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90", "reference_id": "mfsa2016-90", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93", "reference_id": "mfsa2016-93", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93" }, { "reference_url": "https://usn.ubuntu.com/3163-1/", "reference_id": "USN-3163-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3163-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-9074" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ekxy-vaed-u7cg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43509?format=api", "vulnerability_id": "VCID-fjam-jfc1-pkbv", "summary": "Multiple vulnerabilities have been found in Graphite, the worst of\n which could lead to the remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2795.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2795.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2795", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68422", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68356", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.6844", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68467", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68455", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68377", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68396", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68373", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68423", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2795" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1243597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1243597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3510" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3515" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3520" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securityfocus.com/bid/84222", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/84222" }, { "reference_url": "http://www.securitytracker.com/id/1035215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035215" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-3" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2927-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2927-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2934-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2934-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795", "reference_id": "1315795", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2795", "reference_id": "CVE-2016-2795", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2795" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://security.gentoo.org/glsa/201701-63", "reference_id": "GLSA-201701-63", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-63" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0373", "reference_id": "RHSA-2016:0373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0460", "reference_id": "RHSA-2016:0460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0460" }, { "reference_url": "https://usn.ubuntu.com/2917-1/", "reference_id": "USN-2917-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2917-1/" }, { "reference_url": "https://usn.ubuntu.com/2927-1/", "reference_id": "USN-2927-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2927-1/" }, { "reference_url": "https://usn.ubuntu.com/2934-1/", "reference_id": "USN-2934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571079?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19cb-y1de-u3bn" }, { "vulnerability": "VCID-1tcx-3zn1-ykdq" }, { "vulnerability": "VCID-2ptm-gx1p-uyhf" }, { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-3dea-vjmc-b7eb" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4azu-y4y6-nyff" }, { "vulnerability": "VCID-4d2q-usge-77ft" }, { "vulnerability": "VCID-4hnb-y6bt-4fb1" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-545u-wnrj-z3dh" }, { "vulnerability": "VCID-5dyh-s3yd-vqes" }, { "vulnerability": "VCID-5n3q-eby7-67de" }, { "vulnerability": "VCID-5wqt-2dtu-8qa4" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-67my-umrg-wkgm" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-84kk-wfxx-t3c8" }, { "vulnerability": "VCID-86q8-2yv7-efez" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-avw6-7aqv-hbaa" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-bjyq-1zfk-eugq" }, { "vulnerability": "VCID-bp6q-cu6s-2ke7" }, { "vulnerability": "VCID-bwm1-yauc-xudu" }, { "vulnerability": "VCID-c3ex-zw8a-6bcy" }, { "vulnerability": "VCID-c83b-ttr4-83em" }, { "vulnerability": "VCID-c8p3-ef58-wudt" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-dk4z-1j37-aucx" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecm1-2298-mkfm" }, { "vulnerability": "VCID-ekxy-vaed-u7cg" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-fjam-jfc1-pkbv" }, { "vulnerability": "VCID-gcen-3yba-a3ht" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-hyhc-qud7-6uax" }, { "vulnerability": "VCID-j2ga-ggcd-fkg1" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-j6x8-vnns-1yfg" }, { "vulnerability": "VCID-j7wt-w5x2-nye4" }, { "vulnerability": "VCID-jfw1-18np-47b8" }, { "vulnerability": "VCID-js15-jev6-6fbs" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-k131-mfqm-dka9" }, { "vulnerability": "VCID-k5hu-n47k-wffm" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-m59v-ygc2-qucg" }, { "vulnerability": "VCID-mupu-c1j2-xkgs" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-nr84-88hy-6fah" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pbrt-gcqj-kycv" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q4x5-dz5r-jqgr" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-qptm-f15t-57gj" }, { "vulnerability": "VCID-qtp4-ada6-tydd" }, { "vulnerability": "VCID-qu91-vc1p-dyb1" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-rsda-j27d-8bdc" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-tb9n-zfut-ubht" }, { "vulnerability": "VCID-tgya-wnfn-t7eb" }, { "vulnerability": "VCID-tjjd-y1pq-ckf4" }, { "vulnerability": "VCID-ut8d-5w7x-4qg2" }, { "vulnerability": "VCID-va34-kurf-uycj" }, { "vulnerability": "VCID-va3j-erp3-3ugy" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-wgxa-54sd-rqd6" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yegk-sgdn-z3ae" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-ysg5-wc3n-fbgw" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z4ad-5vm8-t3g2" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2795" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fjam-jfc1-pkbv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41542?format=api", "vulnerability_id": "VCID-gcen-3yba-a3ht", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5375.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5375.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.60738", "scoring_system": "epss", "scoring_elements": "0.98294", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.60738", "scoring_system": "epss", "scoring_elements": "0.9829", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.60738", "scoring_system": "epss", "scoring_elements": "0.98279", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.60738", "scoring_system": "epss", "scoring_elements": "0.98284", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.60738", "scoring_system": "epss", "scoring_elements": "0.98289", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.60738", "scoring_system": "epss", "scoring_elements": "0.98285", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.60738", "scoring_system": "epss", "scoring_elements": "0.98281", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5375" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1325200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1325200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3771" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.exploit-db.com/exploits/42327/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/42327/" }, { "reference_url": "https://www.exploit-db.com/exploits/44293/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/44293/" }, { "reference_url": "https://www.exploit-db.com/exploits/44294/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/44294/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-02/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-02/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-03/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-03/" }, { "reference_url": "http://www.securityfocus.com/bid/95757", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95757" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416271", "reference_id": "1416271", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416271" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/ASA-201701-40", "reference_id": "ASA-201701-40", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-40" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://security.archlinux.org/AVG-158", "reference_id": "AVG-158", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-158" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5375", "reference_id": "CVE-2017-5375", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5375" }, { "reference_url": "https://security.gentoo.org/glsa/201702-13", "reference_id": "GLSA-201702-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-13" }, { "reference_url": "https://security.gentoo.org/glsa/201702-22", "reference_id": "GLSA-201702-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-22" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02", "reference_id": "mfsa2017-02", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03", "reference_id": "mfsa2017-03", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0190", "reference_id": "RHSA-2017:0190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0238", "reference_id": "RHSA-2017:0238", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0238" }, { "reference_url": "https://usn.ubuntu.com/3165-1/", "reference_id": "USN-3165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3165-1/" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5375" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gcen-3yba-a3ht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41548?format=api", "vulnerability_id": "VCID-hyhc-qud7-6uax", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5396.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5396.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01838", "scoring_system": "epss", "scoring_elements": "0.82943", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01838", "scoring_system": "epss", "scoring_elements": "0.82947", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01838", "scoring_system": "epss", "scoring_elements": "0.82878", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01838", "scoring_system": "epss", "scoring_elements": "0.82952", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01838", "scoring_system": "epss", "scoring_elements": "0.82936", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01838", "scoring_system": "epss", "scoring_elements": "0.82929", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01838", "scoring_system": "epss", "scoring_elements": "0.82904", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01838", "scoring_system": "epss", "scoring_elements": "0.82895", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01838", "scoring_system": "epss", "scoring_elements": "0.82907", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5396" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1329403", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1329403" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3771" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-02/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-02/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-03/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-03/" }, { "reference_url": "http://www.securityfocus.com/bid/95769", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95769" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416280", "reference_id": "1416280", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416280" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/ASA-201701-40", "reference_id": "ASA-201701-40", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-40" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://security.archlinux.org/AVG-158", "reference_id": "AVG-158", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-158" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5396", "reference_id": "CVE-2017-5396", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5396" }, { "reference_url": "https://security.gentoo.org/glsa/201702-13", "reference_id": "GLSA-201702-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-13" }, { "reference_url": "https://security.gentoo.org/glsa/201702-22", "reference_id": "GLSA-201702-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-22" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02", "reference_id": "mfsa2017-02", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03", "reference_id": "mfsa2017-03", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0190", "reference_id": "RHSA-2017:0190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0238", "reference_id": "RHSA-2017:0238", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0238" }, { "reference_url": "https://usn.ubuntu.com/3165-1/", "reference_id": "USN-3165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3165-1/" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5396" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hyhc-qud7-6uax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56637?format=api", "vulnerability_id": "VCID-j2ga-ggcd-fkg1", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0695.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0695.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1041.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1041.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2805.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2805.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2805", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00922", "scoring_system": "epss", "scoring_elements": "0.75981", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00922", "scoring_system": "epss", "scoring_elements": "0.75924", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00922", "scoring_system": "epss", "scoring_elements": "0.75972", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00922", "scoring_system": "epss", "scoring_elements": "0.75986", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00922", "scoring_system": "epss", "scoring_elements": "0.76011", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00922", "scoring_system": "epss", "scoring_elements": "0.75988", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00922", "scoring_system": "epss", "scoring_elements": "0.75928", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00922", "scoring_system": "epss", "scoring_elements": "0.7596", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00922", "scoring_system": "epss", "scoring_elements": "0.75939", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2805" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1241731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1241731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3559", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3559" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3576", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3576" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-39.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-39.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.securitytracker.com/id/1035692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035692" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2973-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2973-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330266", "reference_id": "1330266", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330266" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2805", "reference_id": "CVE-2016-2805", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2805" }, { "reference_url": "https://security.gentoo.org/glsa/201701-15", "reference_id": "GLSA-201701-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-39", "reference_id": "mfsa2016-39", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-39" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0695", "reference_id": "RHSA-2016:0695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1041", "reference_id": "RHSA-2016:1041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1041" }, { "reference_url": "https://usn.ubuntu.com/2973-1/", "reference_id": "USN-2973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2805" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j2ga-ggcd-fkg1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43504?format=api", "vulnerability_id": "VCID-j6x8-vnns-1yfg", "summary": "Multiple vulnerabilities have been found in Graphite, the worst of\n which could lead to the remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2791.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2791.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2791", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68422", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68356", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.6844", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68467", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68455", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68377", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68396", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68373", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68423", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2791" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1243473", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1243473" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3510" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3515" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3520" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securityfocus.com/bid/84222", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/84222" }, { "reference_url": "http://www.securitytracker.com/id/1035215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035215" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-3" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2927-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2927-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2934-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2934-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795", "reference_id": "1315795", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2791", "reference_id": "CVE-2016-2791", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2791" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://security.gentoo.org/glsa/201701-63", "reference_id": "GLSA-201701-63", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-63" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0373", "reference_id": "RHSA-2016:0373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0460", "reference_id": "RHSA-2016:0460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0460" }, { "reference_url": "https://usn.ubuntu.com/2917-1/", "reference_id": "USN-2917-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2917-1/" }, { "reference_url": "https://usn.ubuntu.com/2927-1/", "reference_id": "USN-2927-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2927-1/" }, { "reference_url": "https://usn.ubuntu.com/2934-1/", "reference_id": "USN-2934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571079?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19cb-y1de-u3bn" }, { "vulnerability": "VCID-1tcx-3zn1-ykdq" }, { "vulnerability": "VCID-2ptm-gx1p-uyhf" }, { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-3dea-vjmc-b7eb" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4azu-y4y6-nyff" }, { "vulnerability": "VCID-4d2q-usge-77ft" }, { "vulnerability": "VCID-4hnb-y6bt-4fb1" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-545u-wnrj-z3dh" }, { "vulnerability": "VCID-5dyh-s3yd-vqes" }, { "vulnerability": "VCID-5n3q-eby7-67de" }, { "vulnerability": "VCID-5wqt-2dtu-8qa4" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-67my-umrg-wkgm" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-84kk-wfxx-t3c8" }, { "vulnerability": "VCID-86q8-2yv7-efez" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-avw6-7aqv-hbaa" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-bjyq-1zfk-eugq" }, { "vulnerability": "VCID-bp6q-cu6s-2ke7" }, { "vulnerability": "VCID-bwm1-yauc-xudu" }, { "vulnerability": "VCID-c3ex-zw8a-6bcy" }, { "vulnerability": "VCID-c83b-ttr4-83em" }, { "vulnerability": "VCID-c8p3-ef58-wudt" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-dk4z-1j37-aucx" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecm1-2298-mkfm" }, { "vulnerability": "VCID-ekxy-vaed-u7cg" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-fjam-jfc1-pkbv" }, { "vulnerability": "VCID-gcen-3yba-a3ht" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-hyhc-qud7-6uax" }, { "vulnerability": "VCID-j2ga-ggcd-fkg1" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-j6x8-vnns-1yfg" }, { "vulnerability": "VCID-j7wt-w5x2-nye4" }, { "vulnerability": "VCID-jfw1-18np-47b8" }, { "vulnerability": "VCID-js15-jev6-6fbs" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-k131-mfqm-dka9" }, { "vulnerability": "VCID-k5hu-n47k-wffm" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-m59v-ygc2-qucg" }, { "vulnerability": "VCID-mupu-c1j2-xkgs" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-nr84-88hy-6fah" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pbrt-gcqj-kycv" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q4x5-dz5r-jqgr" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-qptm-f15t-57gj" }, { "vulnerability": "VCID-qtp4-ada6-tydd" }, { "vulnerability": "VCID-qu91-vc1p-dyb1" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-rsda-j27d-8bdc" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-tb9n-zfut-ubht" }, { "vulnerability": "VCID-tgya-wnfn-t7eb" }, { "vulnerability": "VCID-tjjd-y1pq-ckf4" }, { "vulnerability": "VCID-ut8d-5w7x-4qg2" }, { "vulnerability": "VCID-va34-kurf-uycj" }, { "vulnerability": "VCID-va3j-erp3-3ugy" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-wgxa-54sd-rqd6" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yegk-sgdn-z3ae" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-ysg5-wc3n-fbgw" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z4ad-5vm8-t3g2" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2791" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j6x8-vnns-1yfg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43526?format=api", "vulnerability_id": "VCID-j7wt-w5x2-nye4", "summary": "Multiple vulnerabilities have been found in Graphite, the worst of\n which could lead to the remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2800.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2800.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2800", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68422", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68356", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.6844", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68467", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68455", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68377", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68396", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68373", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68423", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2800" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1249338", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1249338" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3510" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3515" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3520" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securityfocus.com/bid/84222", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/84222" }, { "reference_url": "http://www.securitytracker.com/id/1035215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035215" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-3" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2927-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2927-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2934-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2934-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795", "reference_id": "1315795", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2800", "reference_id": "CVE-2016-2800", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2800" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://security.gentoo.org/glsa/201701-63", "reference_id": "GLSA-201701-63", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-63" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0373", "reference_id": "RHSA-2016:0373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0460", "reference_id": "RHSA-2016:0460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0460" }, { "reference_url": "https://usn.ubuntu.com/2917-1/", "reference_id": "USN-2917-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2917-1/" }, { "reference_url": "https://usn.ubuntu.com/2927-1/", "reference_id": "USN-2927-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2927-1/" }, { "reference_url": "https://usn.ubuntu.com/2934-1/", "reference_id": "USN-2934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571079?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19cb-y1de-u3bn" }, { "vulnerability": "VCID-1tcx-3zn1-ykdq" }, { "vulnerability": "VCID-2ptm-gx1p-uyhf" }, { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-3dea-vjmc-b7eb" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4azu-y4y6-nyff" }, { "vulnerability": "VCID-4d2q-usge-77ft" }, { "vulnerability": "VCID-4hnb-y6bt-4fb1" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-545u-wnrj-z3dh" }, { "vulnerability": "VCID-5dyh-s3yd-vqes" }, { "vulnerability": "VCID-5n3q-eby7-67de" }, { "vulnerability": "VCID-5wqt-2dtu-8qa4" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-67my-umrg-wkgm" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-84kk-wfxx-t3c8" }, { "vulnerability": "VCID-86q8-2yv7-efez" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-avw6-7aqv-hbaa" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-bjyq-1zfk-eugq" }, { "vulnerability": "VCID-bp6q-cu6s-2ke7" }, { "vulnerability": "VCID-bwm1-yauc-xudu" }, { "vulnerability": "VCID-c3ex-zw8a-6bcy" }, { "vulnerability": "VCID-c83b-ttr4-83em" }, { "vulnerability": "VCID-c8p3-ef58-wudt" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-dk4z-1j37-aucx" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecm1-2298-mkfm" }, { "vulnerability": "VCID-ekxy-vaed-u7cg" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-fjam-jfc1-pkbv" }, { "vulnerability": "VCID-gcen-3yba-a3ht" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-hyhc-qud7-6uax" }, { "vulnerability": "VCID-j2ga-ggcd-fkg1" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-j6x8-vnns-1yfg" }, { "vulnerability": "VCID-j7wt-w5x2-nye4" }, { "vulnerability": "VCID-jfw1-18np-47b8" }, { "vulnerability": "VCID-js15-jev6-6fbs" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-k131-mfqm-dka9" }, { "vulnerability": "VCID-k5hu-n47k-wffm" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-m59v-ygc2-qucg" }, { "vulnerability": "VCID-mupu-c1j2-xkgs" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-nr84-88hy-6fah" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pbrt-gcqj-kycv" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q4x5-dz5r-jqgr" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-qptm-f15t-57gj" }, { "vulnerability": "VCID-qtp4-ada6-tydd" }, { "vulnerability": "VCID-qu91-vc1p-dyb1" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-rsda-j27d-8bdc" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-tb9n-zfut-ubht" }, { "vulnerability": "VCID-tgya-wnfn-t7eb" }, { "vulnerability": "VCID-tjjd-y1pq-ckf4" }, { "vulnerability": "VCID-ut8d-5w7x-4qg2" }, { "vulnerability": "VCID-va34-kurf-uycj" }, { "vulnerability": "VCID-va3j-erp3-3ugy" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-wgxa-54sd-rqd6" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yegk-sgdn-z3ae" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-ysg5-wc3n-fbgw" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z4ad-5vm8-t3g2" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2800" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j7wt-w5x2-nye4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51747?format=api", "vulnerability_id": "VCID-jfw1-18np-47b8", "summary": "Multiple vulnerabilities have been found in Firefox, Thunderbird,\n Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n the worst of which may allow remote execution of arbitrary code.", "references": [ { "reference_url": "http://hg.mozilla.org/releases/mozilla-release/rev/b208427885d3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://hg.mozilla.org/releases/mozilla-release/rev/b208427885d3" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1961.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1961.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1961", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00749", "scoring_system": "epss", "scoring_elements": "0.73112", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00749", "scoring_system": "epss", "scoring_elements": "0.7306", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00749", "scoring_system": "epss", "scoring_elements": "0.73114", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00749", "scoring_system": "epss", "scoring_elements": "0.73139", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00749", "scoring_system": "epss", "scoring_elements": "0.73119", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00749", "scoring_system": "epss", "scoring_elements": "0.73069", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00749", "scoring_system": "epss", "scoring_elements": "0.7309", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00749", "scoring_system": "epss", "scoring_elements": "0.73064", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00749", "scoring_system": "epss", "scoring_elements": "0.73101", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1961" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1249377", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1249377" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3510" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3520" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-24.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-24.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securitytracker.com/id/1035215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035215" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-3" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2934-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2934-1" }, { "reference_url": "http://zerodayinitiative.com/advisories/ZDI-16-199/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://zerodayinitiative.com/advisories/ZDI-16-199/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315577", "reference_id": "1315577", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315577" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1961", "reference_id": "CVE-2016-1961", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1961" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-24", "reference_id": "mfsa2016-24", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-24" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0373", "reference_id": "RHSA-2016:0373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0460", "reference_id": "RHSA-2016:0460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0460" }, { "reference_url": "https://usn.ubuntu.com/2917-1/", "reference_id": "USN-2917-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2917-1/" }, { "reference_url": "https://usn.ubuntu.com/2934-1/", "reference_id": "USN-2934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571079?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19cb-y1de-u3bn" }, { "vulnerability": "VCID-1tcx-3zn1-ykdq" }, { "vulnerability": "VCID-2ptm-gx1p-uyhf" }, { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-3dea-vjmc-b7eb" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4azu-y4y6-nyff" }, { "vulnerability": "VCID-4d2q-usge-77ft" }, { "vulnerability": "VCID-4hnb-y6bt-4fb1" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-545u-wnrj-z3dh" }, { "vulnerability": "VCID-5dyh-s3yd-vqes" }, { "vulnerability": "VCID-5n3q-eby7-67de" }, { "vulnerability": "VCID-5wqt-2dtu-8qa4" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-67my-umrg-wkgm" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-84kk-wfxx-t3c8" }, { "vulnerability": "VCID-86q8-2yv7-efez" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-avw6-7aqv-hbaa" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-bjyq-1zfk-eugq" }, { "vulnerability": "VCID-bp6q-cu6s-2ke7" }, { "vulnerability": "VCID-bwm1-yauc-xudu" }, { "vulnerability": "VCID-c3ex-zw8a-6bcy" }, { "vulnerability": "VCID-c83b-ttr4-83em" }, { "vulnerability": "VCID-c8p3-ef58-wudt" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-dk4z-1j37-aucx" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecm1-2298-mkfm" }, { "vulnerability": "VCID-ekxy-vaed-u7cg" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-fjam-jfc1-pkbv" }, { "vulnerability": "VCID-gcen-3yba-a3ht" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-hyhc-qud7-6uax" }, { "vulnerability": "VCID-j2ga-ggcd-fkg1" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-j6x8-vnns-1yfg" }, { "vulnerability": "VCID-j7wt-w5x2-nye4" }, { "vulnerability": "VCID-jfw1-18np-47b8" }, { "vulnerability": "VCID-js15-jev6-6fbs" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-k131-mfqm-dka9" }, { "vulnerability": "VCID-k5hu-n47k-wffm" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-m59v-ygc2-qucg" }, { "vulnerability": "VCID-mupu-c1j2-xkgs" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-nr84-88hy-6fah" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pbrt-gcqj-kycv" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q4x5-dz5r-jqgr" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-qptm-f15t-57gj" }, { "vulnerability": "VCID-qtp4-ada6-tydd" }, { "vulnerability": "VCID-qu91-vc1p-dyb1" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-rsda-j27d-8bdc" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-tb9n-zfut-ubht" }, { "vulnerability": "VCID-tgya-wnfn-t7eb" }, { "vulnerability": "VCID-tjjd-y1pq-ckf4" }, { "vulnerability": "VCID-ut8d-5w7x-4qg2" }, { "vulnerability": "VCID-va34-kurf-uycj" }, { "vulnerability": "VCID-va3j-erp3-3ugy" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-wgxa-54sd-rqd6" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yegk-sgdn-z3ae" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-ysg5-wc3n-fbgw" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z4ad-5vm8-t3g2" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-1961" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jfw1-18np-47b8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51744?format=api", "vulnerability_id": "VCID-js15-jev6-6fbs", "summary": "Multiple vulnerabilities have been found in Firefox, Thunderbird,\n Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n the worst of which may allow remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1960.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1960.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1960", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.87057", "scoring_system": "epss", "scoring_elements": "0.99442", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.87057", "scoring_system": "epss", "scoring_elements": "0.99436", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.87057", "scoring_system": "epss", "scoring_elements": "0.99439", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.87057", "scoring_system": "epss", "scoring_elements": "0.9944", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.87057", "scoring_system": "epss", "scoring_elements": "0.99441", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.87057", "scoring_system": "epss", "scoring_elements": "0.99435", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.87057", "scoring_system": "epss", "scoring_elements": "0.99437", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1960" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1246014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1246014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802" }, { "reference_url": "https://www.exploit-db.com/exploits/42484/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/42484/" }, { "reference_url": "https://www.exploit-db.com/exploits/44294/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/44294/" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3510" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3520" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-23.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-23.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securitytracker.com/id/1035215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035215" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-3" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2934-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2934-1" }, { "reference_url": "http://zerodayinitiative.com/advisories/ZDI-16-198/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://zerodayinitiative.com/advisories/ZDI-16-198/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315576", "reference_id": "1315576", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315576" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/42484.html", "reference_id": "CVE-2016-1960", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/42484.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1960", "reference_id": "CVE-2016-1960", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1960" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/44294.html", "reference_id": "CVE-2017-5375;CVE-2016-1960", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/44294.html" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-23", "reference_id": "mfsa2016-23", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-23" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0373", "reference_id": "RHSA-2016:0373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0460", "reference_id": "RHSA-2016:0460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0460" }, { "reference_url": "https://usn.ubuntu.com/2917-1/", "reference_id": "USN-2917-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2917-1/" }, { "reference_url": "https://usn.ubuntu.com/2934-1/", "reference_id": "USN-2934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571079?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19cb-y1de-u3bn" }, { "vulnerability": "VCID-1tcx-3zn1-ykdq" }, { "vulnerability": "VCID-2ptm-gx1p-uyhf" }, { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-3dea-vjmc-b7eb" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4azu-y4y6-nyff" }, { "vulnerability": "VCID-4d2q-usge-77ft" }, { "vulnerability": "VCID-4hnb-y6bt-4fb1" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-545u-wnrj-z3dh" }, { "vulnerability": "VCID-5dyh-s3yd-vqes" }, { "vulnerability": "VCID-5n3q-eby7-67de" }, { "vulnerability": "VCID-5wqt-2dtu-8qa4" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-67my-umrg-wkgm" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-84kk-wfxx-t3c8" }, { "vulnerability": "VCID-86q8-2yv7-efez" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-avw6-7aqv-hbaa" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-bjyq-1zfk-eugq" }, { "vulnerability": "VCID-bp6q-cu6s-2ke7" }, { "vulnerability": "VCID-bwm1-yauc-xudu" }, { "vulnerability": "VCID-c3ex-zw8a-6bcy" }, { "vulnerability": "VCID-c83b-ttr4-83em" }, { "vulnerability": "VCID-c8p3-ef58-wudt" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-dk4z-1j37-aucx" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecm1-2298-mkfm" }, { "vulnerability": "VCID-ekxy-vaed-u7cg" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-fjam-jfc1-pkbv" }, { "vulnerability": "VCID-gcen-3yba-a3ht" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-hyhc-qud7-6uax" }, { "vulnerability": "VCID-j2ga-ggcd-fkg1" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-j6x8-vnns-1yfg" }, { "vulnerability": "VCID-j7wt-w5x2-nye4" }, { "vulnerability": "VCID-jfw1-18np-47b8" }, { "vulnerability": "VCID-js15-jev6-6fbs" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-k131-mfqm-dka9" }, { "vulnerability": "VCID-k5hu-n47k-wffm" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-m59v-ygc2-qucg" }, { "vulnerability": "VCID-mupu-c1j2-xkgs" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-nr84-88hy-6fah" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pbrt-gcqj-kycv" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q4x5-dz5r-jqgr" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-qptm-f15t-57gj" }, { "vulnerability": "VCID-qtp4-ada6-tydd" }, { "vulnerability": "VCID-qu91-vc1p-dyb1" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-rsda-j27d-8bdc" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-tb9n-zfut-ubht" }, { "vulnerability": "VCID-tgya-wnfn-t7eb" }, { "vulnerability": "VCID-tjjd-y1pq-ckf4" }, { "vulnerability": "VCID-ut8d-5w7x-4qg2" }, { "vulnerability": "VCID-va34-kurf-uycj" }, { "vulnerability": "VCID-va3j-erp3-3ugy" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-wgxa-54sd-rqd6" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yegk-sgdn-z3ae" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-ysg5-wc3n-fbgw" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z4ad-5vm8-t3g2" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-1960" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-js15-jev6-6fbs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31907?format=api", "vulnerability_id": "VCID-jwze-7mfw-r3ax", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5404.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5404.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95684", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95682", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95678", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95649", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95663", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95674", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95666", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.21288", "scoring_system": "epss", "scoring_elements": "0.95658", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5404" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1340138", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1340138" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.exploit-db.com/exploits/41660/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/41660/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96664", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96664" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429781", "reference_id": "1429781", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429781" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5404", "reference_id": "CVE-2017-5404", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5404" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1130", "reference_id": "CVE-2017-5404;MFSA2017-05", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1130" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/41660.html", "reference_id": "CVE-2017-5404;MFSA2017-05", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/41660.html" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5404" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jwze-7mfw-r3ax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43502?format=api", "vulnerability_id": "VCID-k131-mfqm-dka9", "summary": "Multiple vulnerabilities have been found in Graphite, the worst of\n which could lead to the remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1977.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1977.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1977", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72031", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.71984", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72038", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72062", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72046", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.71991", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72011", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.71987", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72026", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1977" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1248876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1248876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3510" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3515" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3520" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securityfocus.com/bid/84222", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/84222" }, { "reference_url": "http://www.securitytracker.com/id/1035215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035215" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-3" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2927-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2927-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2934-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2934-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795", "reference_id": "1315795", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1977", "reference_id": "CVE-2016-1977", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1977" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://security.gentoo.org/glsa/201701-63", "reference_id": "GLSA-201701-63", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-63" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0373", "reference_id": "RHSA-2016:0373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0460", "reference_id": "RHSA-2016:0460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0460" }, { "reference_url": "https://usn.ubuntu.com/2917-1/", "reference_id": "USN-2917-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2917-1/" }, { "reference_url": "https://usn.ubuntu.com/2927-1/", "reference_id": "USN-2927-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2927-1/" }, { "reference_url": "https://usn.ubuntu.com/2934-1/", "reference_id": "USN-2934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571079?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19cb-y1de-u3bn" }, { "vulnerability": "VCID-1tcx-3zn1-ykdq" }, { "vulnerability": "VCID-2ptm-gx1p-uyhf" }, { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-3dea-vjmc-b7eb" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4azu-y4y6-nyff" }, { "vulnerability": "VCID-4d2q-usge-77ft" }, { "vulnerability": "VCID-4hnb-y6bt-4fb1" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-545u-wnrj-z3dh" }, { "vulnerability": "VCID-5dyh-s3yd-vqes" }, { "vulnerability": "VCID-5n3q-eby7-67de" }, { "vulnerability": "VCID-5wqt-2dtu-8qa4" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-67my-umrg-wkgm" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-84kk-wfxx-t3c8" }, { "vulnerability": "VCID-86q8-2yv7-efez" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-avw6-7aqv-hbaa" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-bjyq-1zfk-eugq" }, { "vulnerability": "VCID-bp6q-cu6s-2ke7" }, { "vulnerability": "VCID-bwm1-yauc-xudu" }, { "vulnerability": "VCID-c3ex-zw8a-6bcy" }, { "vulnerability": "VCID-c83b-ttr4-83em" }, { "vulnerability": "VCID-c8p3-ef58-wudt" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-dk4z-1j37-aucx" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecm1-2298-mkfm" }, { "vulnerability": "VCID-ekxy-vaed-u7cg" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-fjam-jfc1-pkbv" }, { "vulnerability": "VCID-gcen-3yba-a3ht" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-hyhc-qud7-6uax" }, { "vulnerability": "VCID-j2ga-ggcd-fkg1" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-j6x8-vnns-1yfg" }, { "vulnerability": "VCID-j7wt-w5x2-nye4" }, { "vulnerability": "VCID-jfw1-18np-47b8" }, { "vulnerability": "VCID-js15-jev6-6fbs" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-k131-mfqm-dka9" }, { "vulnerability": "VCID-k5hu-n47k-wffm" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-m59v-ygc2-qucg" }, { "vulnerability": "VCID-mupu-c1j2-xkgs" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-nr84-88hy-6fah" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pbrt-gcqj-kycv" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q4x5-dz5r-jqgr" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-qptm-f15t-57gj" }, { "vulnerability": "VCID-qtp4-ada6-tydd" }, { "vulnerability": "VCID-qu91-vc1p-dyb1" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-rsda-j27d-8bdc" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-tb9n-zfut-ubht" }, { "vulnerability": "VCID-tgya-wnfn-t7eb" }, { "vulnerability": "VCID-tjjd-y1pq-ckf4" }, { "vulnerability": "VCID-ut8d-5w7x-4qg2" }, { "vulnerability": "VCID-va34-kurf-uycj" }, { "vulnerability": "VCID-va3j-erp3-3ugy" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-wgxa-54sd-rqd6" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yegk-sgdn-z3ae" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-ysg5-wc3n-fbgw" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z4ad-5vm8-t3g2" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-1977" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k131-mfqm-dka9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43505?format=api", "vulnerability_id": "VCID-k5hu-n47k-wffm", "summary": "Multiple vulnerabilities have been found in Graphite, the worst of\n which could lead to the remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2792.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2792.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2792", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68422", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68356", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.6844", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68467", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68455", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68377", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68396", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68373", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68423", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2792" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1243482", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1243482" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3510" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3515" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3520" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securityfocus.com/bid/84222", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/84222" }, { "reference_url": "http://www.securitytracker.com/id/1035215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035215" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-3" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2927-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2927-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2934-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2934-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795", "reference_id": "1315795", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2792", "reference_id": "CVE-2016-2792", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2792" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://security.gentoo.org/glsa/201701-63", "reference_id": "GLSA-201701-63", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-63" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0373", "reference_id": "RHSA-2016:0373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0460", "reference_id": "RHSA-2016:0460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0460" }, { "reference_url": "https://usn.ubuntu.com/2917-1/", "reference_id": "USN-2917-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2917-1/" }, { "reference_url": "https://usn.ubuntu.com/2927-1/", "reference_id": "USN-2927-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2927-1/" }, { "reference_url": "https://usn.ubuntu.com/2934-1/", "reference_id": "USN-2934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571079?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19cb-y1de-u3bn" }, { "vulnerability": "VCID-1tcx-3zn1-ykdq" }, { "vulnerability": "VCID-2ptm-gx1p-uyhf" }, { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-3dea-vjmc-b7eb" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4azu-y4y6-nyff" }, { "vulnerability": "VCID-4d2q-usge-77ft" }, { "vulnerability": "VCID-4hnb-y6bt-4fb1" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-545u-wnrj-z3dh" }, { "vulnerability": "VCID-5dyh-s3yd-vqes" }, { "vulnerability": "VCID-5n3q-eby7-67de" }, { "vulnerability": "VCID-5wqt-2dtu-8qa4" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-67my-umrg-wkgm" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-84kk-wfxx-t3c8" }, { "vulnerability": "VCID-86q8-2yv7-efez" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-avw6-7aqv-hbaa" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-bjyq-1zfk-eugq" }, { "vulnerability": "VCID-bp6q-cu6s-2ke7" }, { "vulnerability": "VCID-bwm1-yauc-xudu" }, { "vulnerability": "VCID-c3ex-zw8a-6bcy" }, { "vulnerability": "VCID-c83b-ttr4-83em" }, { "vulnerability": "VCID-c8p3-ef58-wudt" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-dk4z-1j37-aucx" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecm1-2298-mkfm" }, { "vulnerability": "VCID-ekxy-vaed-u7cg" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-fjam-jfc1-pkbv" }, { "vulnerability": "VCID-gcen-3yba-a3ht" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-hyhc-qud7-6uax" }, { "vulnerability": "VCID-j2ga-ggcd-fkg1" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-j6x8-vnns-1yfg" }, { "vulnerability": "VCID-j7wt-w5x2-nye4" }, { "vulnerability": "VCID-jfw1-18np-47b8" }, { "vulnerability": "VCID-js15-jev6-6fbs" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-k131-mfqm-dka9" }, { "vulnerability": "VCID-k5hu-n47k-wffm" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-m59v-ygc2-qucg" }, { "vulnerability": "VCID-mupu-c1j2-xkgs" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-nr84-88hy-6fah" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pbrt-gcqj-kycv" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q4x5-dz5r-jqgr" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-qptm-f15t-57gj" }, { "vulnerability": "VCID-qtp4-ada6-tydd" }, { "vulnerability": "VCID-qu91-vc1p-dyb1" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-rsda-j27d-8bdc" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-tb9n-zfut-ubht" }, { "vulnerability": "VCID-tgya-wnfn-t7eb" }, { "vulnerability": "VCID-tjjd-y1pq-ckf4" }, { "vulnerability": "VCID-ut8d-5w7x-4qg2" }, { "vulnerability": "VCID-va34-kurf-uycj" }, { "vulnerability": "VCID-va3j-erp3-3ugy" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-wgxa-54sd-rqd6" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yegk-sgdn-z3ae" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-ysg5-wc3n-fbgw" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z4ad-5vm8-t3g2" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2792" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k5hu-n47k-wffm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41544?format=api", "vulnerability_id": "VCID-m59v-ygc2-qucg", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5378.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5378.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01705", "scoring_system": "epss", "scoring_elements": "0.8231", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01705", "scoring_system": "epss", "scoring_elements": "0.82315", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01705", "scoring_system": "epss", "scoring_elements": "0.82241", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01705", "scoring_system": "epss", "scoring_elements": "0.82322", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01705", "scoring_system": "epss", "scoring_elements": "0.82302", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01705", "scoring_system": "epss", "scoring_elements": "0.82295", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01705", "scoring_system": "epss", "scoring_elements": "0.82268", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01705", "scoring_system": "epss", "scoring_elements": "0.82254", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01705", "scoring_system": "epss", "scoring_elements": "0.82273", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5378" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1312001", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1312001" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1330769", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1330769" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3771" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-02/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-02/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-03/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-03/" }, { "reference_url": "http://www.securityfocus.com/bid/95769", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95769" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416273", "reference_id": "1416273", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416273" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/ASA-201701-40", "reference_id": "ASA-201701-40", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-40" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://security.archlinux.org/AVG-158", "reference_id": "AVG-158", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-158" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5378", "reference_id": "CVE-2017-5378", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5378" }, { "reference_url": "https://security.gentoo.org/glsa/201702-13", "reference_id": "GLSA-201702-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-13" }, { "reference_url": "https://security.gentoo.org/glsa/201702-22", "reference_id": "GLSA-201702-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-22" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02", "reference_id": "mfsa2017-02", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03", "reference_id": "mfsa2017-03", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0190", "reference_id": "RHSA-2017:0190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0238", "reference_id": "RHSA-2017:0238", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0238" }, { "reference_url": "https://usn.ubuntu.com/3165-1/", "reference_id": "USN-3165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3165-1/" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5378" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m59v-ygc2-qucg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56638?format=api", "vulnerability_id": "VCID-mupu-c1j2-xkgs", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0695.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0695.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2806.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2806.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2806", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.82682", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.82616", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.82668", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.82674", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.82692", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.82686", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.82631", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.82646", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.82642", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2806" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1212328", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1212328" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1228882", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1228882" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1231919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1231919" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1238592", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1238592" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1242668", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1242668" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1242810", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1242810" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1251922", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1251922" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1253099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1253099" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1254122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1254122" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1255949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1255949" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1256065", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1256065" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1258231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1258231" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1260439", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1260439" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3601", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3601" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-39.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-39.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.securitytracker.com/id/1035692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035692" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2936-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2936-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2936-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2936-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2936-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2936-3" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330270", "reference_id": "1330270", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330270" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2806", "reference_id": "CVE-2016-2806", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2806" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2806", "reference_id": "CVE-2016-2806", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2806" }, { "reference_url": "https://security.gentoo.org/glsa/201701-15", "reference_id": "GLSA-201701-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-39", "reference_id": "mfsa2016-39", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-39" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0695", "reference_id": "RHSA-2016:0695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0695" }, { "reference_url": "https://usn.ubuntu.com/2936-1/", "reference_id": "USN-2936-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2936-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2806" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mupu-c1j2-xkgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31906?format=api", "vulnerability_id": "VCID-npyt-d8qr-wqdj", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5402.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5402.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.8533", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.85333", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.85336", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.85258", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.85292", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.85313", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.8527", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.85289", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02498", "scoring_system": "epss", "scoring_elements": "0.85322", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5402" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1334876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1334876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96664", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96664" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429780", "reference_id": "1429780", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429780" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5402", "reference_id": "CVE-2017-5402", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5402" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5402" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-npyt-d8qr-wqdj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43512?format=api", "vulnerability_id": "VCID-nr84-88hy-6fah", "summary": "Multiple vulnerabilities have been found in Graphite, the worst of\n which could lead to the remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2796.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2796.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2796", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68422", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68357", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68441", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68467", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68455", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68377", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68396", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68373", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00565", "scoring_system": "epss", "scoring_elements": "0.68424", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2796" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1243816", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1243816" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3510" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3515" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3520" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securityfocus.com/bid/84222", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/84222" }, { "reference_url": "http://www.securitytracker.com/id/1035215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035215" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-3" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2927-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2927-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2934-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2934-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795", "reference_id": "1315795", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2796", "reference_id": "CVE-2016-2796", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2796" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://security.gentoo.org/glsa/201701-63", "reference_id": "GLSA-201701-63", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-63" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0373", "reference_id": "RHSA-2016:0373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0460", "reference_id": "RHSA-2016:0460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0460" }, { "reference_url": "https://usn.ubuntu.com/2917-1/", "reference_id": "USN-2917-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2917-1/" }, { "reference_url": "https://usn.ubuntu.com/2927-1/", "reference_id": "USN-2927-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2927-1/" }, { "reference_url": "https://usn.ubuntu.com/2934-1/", "reference_id": "USN-2934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571079?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19cb-y1de-u3bn" }, { "vulnerability": "VCID-1tcx-3zn1-ykdq" }, { "vulnerability": "VCID-2ptm-gx1p-uyhf" }, { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-3dea-vjmc-b7eb" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4azu-y4y6-nyff" }, { "vulnerability": "VCID-4d2q-usge-77ft" }, { "vulnerability": "VCID-4hnb-y6bt-4fb1" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-545u-wnrj-z3dh" }, { "vulnerability": "VCID-5dyh-s3yd-vqes" }, { "vulnerability": "VCID-5n3q-eby7-67de" }, { "vulnerability": "VCID-5wqt-2dtu-8qa4" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-67my-umrg-wkgm" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-84kk-wfxx-t3c8" }, { "vulnerability": "VCID-86q8-2yv7-efez" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-avw6-7aqv-hbaa" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-bjyq-1zfk-eugq" }, { "vulnerability": "VCID-bp6q-cu6s-2ke7" }, { "vulnerability": "VCID-bwm1-yauc-xudu" }, { "vulnerability": "VCID-c3ex-zw8a-6bcy" }, { "vulnerability": "VCID-c83b-ttr4-83em" }, { "vulnerability": "VCID-c8p3-ef58-wudt" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-dk4z-1j37-aucx" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecm1-2298-mkfm" }, { "vulnerability": "VCID-ekxy-vaed-u7cg" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-fjam-jfc1-pkbv" }, { "vulnerability": "VCID-gcen-3yba-a3ht" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-hyhc-qud7-6uax" }, { "vulnerability": "VCID-j2ga-ggcd-fkg1" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-j6x8-vnns-1yfg" }, { "vulnerability": "VCID-j7wt-w5x2-nye4" }, { "vulnerability": "VCID-jfw1-18np-47b8" }, { "vulnerability": "VCID-js15-jev6-6fbs" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-k131-mfqm-dka9" }, { "vulnerability": "VCID-k5hu-n47k-wffm" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-m59v-ygc2-qucg" }, { "vulnerability": "VCID-mupu-c1j2-xkgs" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-nr84-88hy-6fah" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pbrt-gcqj-kycv" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q4x5-dz5r-jqgr" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-qptm-f15t-57gj" }, { "vulnerability": "VCID-qtp4-ada6-tydd" }, { "vulnerability": "VCID-qu91-vc1p-dyb1" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-rsda-j27d-8bdc" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-tb9n-zfut-ubht" }, { "vulnerability": "VCID-tgya-wnfn-t7eb" }, { "vulnerability": "VCID-tjjd-y1pq-ckf4" }, { "vulnerability": "VCID-ut8d-5w7x-4qg2" }, { "vulnerability": "VCID-va34-kurf-uycj" }, { "vulnerability": "VCID-va3j-erp3-3ugy" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-wgxa-54sd-rqd6" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yegk-sgdn-z3ae" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-ysg5-wc3n-fbgw" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z4ad-5vm8-t3g2" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2796" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nr84-88hy-6fah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56757?format=api", "vulnerability_id": "VCID-pbrt-gcqj-kycv", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2946.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2946.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2973.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2973.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9900.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9900.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9900", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01011", "scoring_system": "epss", "scoring_elements": "0.77109", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01011", "scoring_system": "epss", "scoring_elements": "0.77114", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01011", "scoring_system": "epss", "scoring_elements": "0.77049", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01011", "scoring_system": "epss", "scoring_elements": "0.77135", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01011", "scoring_system": "epss", "scoring_elements": "0.77107", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01011", "scoring_system": "epss", "scoring_elements": "0.77097", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01011", "scoring_system": "epss", "scoring_elements": "0.77065", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01011", "scoring_system": "epss", "scoring_elements": "0.77083", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01011", "scoring_system": "epss", "scoring_elements": "0.77055", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9900" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1319122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1319122" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3757" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-94/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-94/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-95/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-95/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-96/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-96/" }, { "reference_url": "http://www.securityfocus.com/bid/94885", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/94885" }, { "reference_url": "http://www.securitytracker.com/id/1037461", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037461" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404090", "reference_id": "1404090", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404090" }, { "reference_url": "https://security.archlinux.org/ASA-201612-15", "reference_id": "ASA-201612-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-15" }, { "reference_url": "https://security.archlinux.org/AVG-106", "reference_id": "AVG-106", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-106" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9900", "reference_id": "CVE-2016-9900", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9900" }, { "reference_url": "https://security.gentoo.org/glsa/201701-15", "reference_id": "GLSA-201701-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94", "reference_id": "mfsa2016-94", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95", "reference_id": "mfsa2016-95", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96", "reference_id": "mfsa2016-96", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2946", "reference_id": "RHSA-2016:2946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2973", "reference_id": "RHSA-2016:2973", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2973" }, { "reference_url": "https://usn.ubuntu.com/3155-1/", "reference_id": "USN-3155-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3155-1/" }, { "reference_url": "https://usn.ubuntu.com/3165-1/", "reference_id": "USN-3165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3165-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-9900" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pbrt-gcqj-kycv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56763?format=api", "vulnerability_id": "VCID-q4x5-dz5r-jqgr", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2946.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2946.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2973.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2973.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9905.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9905.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9905", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01174", "scoring_system": "epss", "scoring_elements": "0.7869", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01174", "scoring_system": "epss", "scoring_elements": "0.78659", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01174", "scoring_system": "epss", "scoring_elements": "0.78685", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01174", "scoring_system": "epss", "scoring_elements": "0.78692", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01174", "scoring_system": "epss", "scoring_elements": "0.78716", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01174", "scoring_system": "epss", "scoring_elements": "0.78698", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01174", "scoring_system": "epss", "scoring_elements": "0.78642", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01174", "scoring_system": "epss", "scoring_elements": "0.78648", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01174", "scoring_system": "epss", "scoring_elements": "0.78679", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9905" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1293985", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1293985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3757" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-95/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-95/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-96/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-96/" }, { "reference_url": "http://www.securityfocus.com/bid/94884", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/94884" }, { "reference_url": "http://www.securitytracker.com/id/1037462", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037462" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404094", "reference_id": "1404094", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404094" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9905", "reference_id": "CVE-2016-9905", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9905" }, { "reference_url": "https://security.gentoo.org/glsa/201701-15", "reference_id": "GLSA-201701-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95", "reference_id": "mfsa2016-95", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96", "reference_id": "mfsa2016-96", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2946", "reference_id": "RHSA-2016:2946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2973", "reference_id": "RHSA-2016:2973", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2973" }, { "reference_url": "https://usn.ubuntu.com/3165-1/", "reference_id": "USN-3165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3165-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-9905" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q4x5-dz5r-jqgr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56741?format=api", "vulnerability_id": "VCID-qptm-f15t-57gj", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2780.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2780.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2825.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2825.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5290.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5290.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5290", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83117", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83121", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83051", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83127", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83111", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83103", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83079", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83081", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01874", "scoring_system": "epss", "scoring_elements": "0.83067", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5290" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1309720%2C1297062%2C1303710%2C1018486%2C1292590%2C1301343%2C1301496%2C1308048%2C1308346%2C1299519%2C1286911%2C1298169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1309720%2C1297062%2C1303710%2C1018486%2C1292590%2C1301343%2C1301496%2C1308048%2C1308346%2C1299519%2C1286911%2C1298169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2016/dsa-3730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2016/dsa-3730" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-89/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-89/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-90/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-90/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-93/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-93/" }, { "reference_url": "http://www.securityfocus.com/bid/94335", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/94335" }, { "reference_url": "http://www.securitytracker.com/id/1037298", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037298" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395066", "reference_id": "1395066", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395066" }, { "reference_url": "https://security.archlinux.org/ASA-201611-16", "reference_id": "ASA-201611-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-16" }, { "reference_url": "https://security.archlinux.org/AVG-72", "reference_id": "AVG-72", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-72" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5290", "reference_id": "CVE-2016-5290", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5290" }, { "reference_url": "https://security.gentoo.org/glsa/201701-15", "reference_id": "GLSA-201701-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90", "reference_id": "mfsa2016-90", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93", "reference_id": "mfsa2016-93", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2780", "reference_id": "RHSA-2016:2780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2825", "reference_id": "RHSA-2016:2825", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2825" }, { "reference_url": "https://usn.ubuntu.com/3124-1/", "reference_id": "USN-3124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3124-1/" }, { "reference_url": "https://usn.ubuntu.com/3141-1/", "reference_id": "USN-3141-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3141-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-5290" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qptm-f15t-57gj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51779?format=api", "vulnerability_id": "VCID-qtp4-ada6-tydd", "summary": "Multiple vulnerabilities have been found in Firefox, Thunderbird,\n Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n the worst of which may allow remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1974.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1974.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1974", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65715", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.6563", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65738", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65759", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65744", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65679", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65709", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65675", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65726", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1974" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1228103", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1228103" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3510" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3520" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-34.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-34.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securitytracker.com/id/1035215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035215" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-3" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2934-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2934-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315785", "reference_id": "1315785", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315785" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1974", "reference_id": "CVE-2016-1974", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1974" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-34", "reference_id": "mfsa2016-34", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-34" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0373", "reference_id": "RHSA-2016:0373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0460", "reference_id": "RHSA-2016:0460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0460" }, { "reference_url": "https://usn.ubuntu.com/2917-1/", "reference_id": "USN-2917-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2917-1/" }, { "reference_url": "https://usn.ubuntu.com/2934-1/", "reference_id": "USN-2934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571079?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19cb-y1de-u3bn" }, { "vulnerability": "VCID-1tcx-3zn1-ykdq" }, { "vulnerability": "VCID-2ptm-gx1p-uyhf" }, { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-3dea-vjmc-b7eb" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4azu-y4y6-nyff" }, { "vulnerability": "VCID-4d2q-usge-77ft" }, { "vulnerability": "VCID-4hnb-y6bt-4fb1" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-545u-wnrj-z3dh" }, { "vulnerability": "VCID-5dyh-s3yd-vqes" }, { "vulnerability": "VCID-5n3q-eby7-67de" }, { "vulnerability": "VCID-5wqt-2dtu-8qa4" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-67my-umrg-wkgm" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-84kk-wfxx-t3c8" }, { "vulnerability": "VCID-86q8-2yv7-efez" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-avw6-7aqv-hbaa" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-bjyq-1zfk-eugq" }, { "vulnerability": "VCID-bp6q-cu6s-2ke7" }, { "vulnerability": "VCID-bwm1-yauc-xudu" }, { "vulnerability": "VCID-c3ex-zw8a-6bcy" }, { "vulnerability": "VCID-c83b-ttr4-83em" }, { "vulnerability": "VCID-c8p3-ef58-wudt" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-dk4z-1j37-aucx" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecm1-2298-mkfm" }, { "vulnerability": "VCID-ekxy-vaed-u7cg" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-fjam-jfc1-pkbv" }, { "vulnerability": "VCID-gcen-3yba-a3ht" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-hyhc-qud7-6uax" }, { "vulnerability": "VCID-j2ga-ggcd-fkg1" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-j6x8-vnns-1yfg" }, { "vulnerability": "VCID-j7wt-w5x2-nye4" }, { "vulnerability": "VCID-jfw1-18np-47b8" }, { "vulnerability": "VCID-js15-jev6-6fbs" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-k131-mfqm-dka9" }, { "vulnerability": "VCID-k5hu-n47k-wffm" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-m59v-ygc2-qucg" }, { "vulnerability": "VCID-mupu-c1j2-xkgs" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-nr84-88hy-6fah" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pbrt-gcqj-kycv" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q4x5-dz5r-jqgr" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-qptm-f15t-57gj" }, { "vulnerability": "VCID-qtp4-ada6-tydd" }, { "vulnerability": "VCID-qu91-vc1p-dyb1" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-rsda-j27d-8bdc" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-tb9n-zfut-ubht" }, { "vulnerability": "VCID-tgya-wnfn-t7eb" }, { "vulnerability": "VCID-tjjd-y1pq-ckf4" }, { "vulnerability": "VCID-ut8d-5w7x-4qg2" }, { "vulnerability": "VCID-va34-kurf-uycj" }, { "vulnerability": "VCID-va3j-erp3-3ugy" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-wgxa-54sd-rqd6" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yegk-sgdn-z3ae" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-ysg5-wc3n-fbgw" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z4ad-5vm8-t3g2" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-1974" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qtp4-ada6-tydd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56756?format=api", "vulnerability_id": "VCID-qu91-vc1p-dyb1", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2946.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2946.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2973.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2973.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9899.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9899.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9899", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.36421", "scoring_system": "epss", "scoring_elements": "0.97118", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.36421", "scoring_system": "epss", "scoring_elements": "0.97117", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.36421", "scoring_system": "epss", "scoring_elements": "0.97089", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.36421", "scoring_system": "epss", "scoring_elements": "0.97116", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.36421", "scoring_system": "epss", "scoring_elements": "0.97112", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.36421", "scoring_system": "epss", "scoring_elements": "0.97102", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.36421", "scoring_system": "epss", "scoring_elements": "0.97096", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.36421", "scoring_system": "epss", "scoring_elements": "0.97101", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9899" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1317409", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1317409" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3757" }, { "reference_url": "https://www.exploit-db.com/exploits/41042/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/41042/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-94/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-94/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-95/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-95/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-96/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-96/" }, { "reference_url": "http://www.securityfocus.com/bid/94885", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/94885" }, { "reference_url": "http://www.securitytracker.com/id/1037461", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037461" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404083", "reference_id": "1404083", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404083" }, { "reference_url": "https://security.archlinux.org/ASA-201612-15", "reference_id": "ASA-201612-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-15" }, { "reference_url": "https://security.archlinux.org/AVG-106", "reference_id": "AVG-106", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-106" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/41042.html", "reference_id": "CVE-2016-9899", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/41042.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9899", "reference_id": "CVE-2016-9899", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9899" }, { "reference_url": "https://security.gentoo.org/glsa/201701-15", "reference_id": "GLSA-201701-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94", "reference_id": "mfsa2016-94", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95", "reference_id": "mfsa2016-95", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96", "reference_id": "mfsa2016-96", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2946", "reference_id": "RHSA-2016:2946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2973", "reference_id": "RHSA-2016:2973", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2973" }, { "reference_url": "https://usn.ubuntu.com/3155-1/", "reference_id": "USN-3155-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3155-1/" }, { "reference_url": "https://usn.ubuntu.com/3165-1/", "reference_id": "USN-3165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3165-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-9899" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qu91-vc1p-dyb1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31903?format=api", "vulnerability_id": "VCID-r8en-yg26-w3a1", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5398.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5398.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87147", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87151", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87157", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87095", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87116", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87136", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87106", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87123", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87144", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5398" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332550%2C1332597%2C1338383%2C1321612%2C1322971%2C1333568%2C1333887%2C1335450%2C1325052%2C1324379%2C1336510", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1332550%2C1332597%2C1338383%2C1321612%2C1322971%2C1333568%2C1333887%2C1335450%2C1325052%2C1324379%2C1336510" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96651", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96651" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429786", "reference_id": "1429786", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429786" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5398", "reference_id": "CVE-2017-5398", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5398" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5398" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r8en-yg26-w3a1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51738?format=api", "vulnerability_id": "VCID-rsda-j27d-8bdc", "summary": "Multiple vulnerabilities have been found in Firefox, Thunderbird,\n Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n the worst of which may allow remote execution of arbitrary code.", "references": [ { "reference_url": "http://hg.mozilla.org/releases/mozilla-release/rev/5154bb929236", "reference_id": "", "reference_type": "", "scores": [], "url": "http://hg.mozilla.org/releases/mozilla-release/rev/5154bb929236" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1954.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1954.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1954", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02706", "scoring_system": "epss", "scoring_elements": "0.85892", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02706", "scoring_system": "epss", "scoring_elements": "0.85825", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02706", "scoring_system": "epss", "scoring_elements": "0.85886", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02706", "scoring_system": "epss", "scoring_elements": "0.85901", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02706", "scoring_system": "epss", "scoring_elements": "0.85898", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02706", "scoring_system": "epss", "scoring_elements": "0.85836", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02706", "scoring_system": "epss", "scoring_elements": "0.85854", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02706", "scoring_system": "epss", "scoring_elements": "0.85858", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02706", "scoring_system": "epss", "scoring_elements": "0.85876", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1954" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1243178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1243178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3510" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3520" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-17.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-17.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securitytracker.com/id/1035215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035215" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-3" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2934-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2934-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315569", "reference_id": "1315569", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315569" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1954", "reference_id": "CVE-2016-1954", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1954" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-17", "reference_id": "mfsa2016-17", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0373", "reference_id": "RHSA-2016:0373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0460", "reference_id": "RHSA-2016:0460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0460" }, { "reference_url": "https://usn.ubuntu.com/2917-1/", "reference_id": "USN-2917-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2917-1/" }, { "reference_url": "https://usn.ubuntu.com/2934-1/", "reference_id": "USN-2934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571079?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19cb-y1de-u3bn" }, { "vulnerability": "VCID-1tcx-3zn1-ykdq" }, { "vulnerability": "VCID-2ptm-gx1p-uyhf" }, { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-3dea-vjmc-b7eb" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4azu-y4y6-nyff" }, { "vulnerability": "VCID-4d2q-usge-77ft" }, { "vulnerability": "VCID-4hnb-y6bt-4fb1" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-545u-wnrj-z3dh" }, { "vulnerability": "VCID-5dyh-s3yd-vqes" }, { "vulnerability": "VCID-5n3q-eby7-67de" }, { "vulnerability": "VCID-5wqt-2dtu-8qa4" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-67my-umrg-wkgm" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-84kk-wfxx-t3c8" }, { "vulnerability": "VCID-86q8-2yv7-efez" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-avw6-7aqv-hbaa" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-bjyq-1zfk-eugq" }, { "vulnerability": "VCID-bp6q-cu6s-2ke7" }, { "vulnerability": "VCID-bwm1-yauc-xudu" }, { "vulnerability": "VCID-c3ex-zw8a-6bcy" }, { "vulnerability": "VCID-c83b-ttr4-83em" }, { "vulnerability": "VCID-c8p3-ef58-wudt" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-dk4z-1j37-aucx" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecm1-2298-mkfm" }, { "vulnerability": "VCID-ekxy-vaed-u7cg" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-fjam-jfc1-pkbv" }, { "vulnerability": "VCID-gcen-3yba-a3ht" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-hyhc-qud7-6uax" }, { "vulnerability": "VCID-j2ga-ggcd-fkg1" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-j6x8-vnns-1yfg" }, { "vulnerability": "VCID-j7wt-w5x2-nye4" }, { "vulnerability": "VCID-jfw1-18np-47b8" }, { "vulnerability": "VCID-js15-jev6-6fbs" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-k131-mfqm-dka9" }, { "vulnerability": "VCID-k5hu-n47k-wffm" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-m59v-ygc2-qucg" }, { "vulnerability": "VCID-mupu-c1j2-xkgs" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-nr84-88hy-6fah" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pbrt-gcqj-kycv" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q4x5-dz5r-jqgr" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-qptm-f15t-57gj" }, { "vulnerability": "VCID-qtp4-ada6-tydd" }, { "vulnerability": "VCID-qu91-vc1p-dyb1" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-rsda-j27d-8bdc" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-tb9n-zfut-ubht" }, { "vulnerability": "VCID-tgya-wnfn-t7eb" }, { "vulnerability": "VCID-tjjd-y1pq-ckf4" }, { "vulnerability": "VCID-ut8d-5w7x-4qg2" }, { "vulnerability": "VCID-va34-kurf-uycj" }, { "vulnerability": "VCID-va3j-erp3-3ugy" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-wgxa-54sd-rqd6" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yegk-sgdn-z3ae" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-ysg5-wc3n-fbgw" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z4ad-5vm8-t3g2" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-1954" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rsda-j27d-8bdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31909?format=api", "vulnerability_id": "VCID-t4bj-qz9s-s7eb", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0459.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0461.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0498.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5405.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5405.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84902", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84907", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84909", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84826", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84861", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84883", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84841", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.84859", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02352", "scoring_system": "epss", "scoring_elements": "0.8489", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5405" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1336699", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1336699" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3805" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/" }, { "reference_url": "http://www.securityfocus.com/bid/96693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96693" }, { "reference_url": "http://www.securitytracker.com/id/1037966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429785", "reference_id": "1429785", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429785" }, { "reference_url": "https://security.archlinux.org/ASA-201703-2", "reference_id": "ASA-201703-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-2" }, { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-193", "reference_id": "AVG-193", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-193" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5405", "reference_id": "CVE-2017-5405", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5405" }, { "reference_url": "https://security.gentoo.org/glsa/201705-06", "reference_id": "GLSA-201705-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-06" }, { "reference_url": "https://security.gentoo.org/glsa/201705-07", "reference_id": "GLSA-201705-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201705-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06", "reference_id": "mfsa2017-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07", "reference_id": "mfsa2017-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0459", "reference_id": "RHSA-2017:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0461", "reference_id": "RHSA-2017:0461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0498", "reference_id": "RHSA-2017:0498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0498" }, { "reference_url": "https://usn.ubuntu.com/3216-1/", "reference_id": "USN-3216-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3216-1/" }, { "reference_url": "https://usn.ubuntu.com/3233-1/", "reference_id": "USN-3233-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3233-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5405" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t4bj-qz9s-s7eb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51748?format=api", "vulnerability_id": "VCID-tb9n-zfut-ubht", "summary": "Multiple vulnerabilities have been found in Firefox, Thunderbird,\n Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n the worst of which may allow remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1962.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1962.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1962", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02149", "scoring_system": "epss", "scoring_elements": "0.84242", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02149", "scoring_system": "epss", "scoring_elements": "0.84172", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02149", "scoring_system": "epss", "scoring_elements": "0.84232", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02149", "scoring_system": "epss", "scoring_elements": "0.8425", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02149", "scoring_system": "epss", "scoring_elements": "0.84245", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02149", "scoring_system": "epss", "scoring_elements": "0.84185", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02149", "scoring_system": "epss", "scoring_elements": "0.84203", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02149", "scoring_system": "epss", "scoring_elements": "0.84204", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02149", "scoring_system": "epss", "scoring_elements": "0.84225", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1962" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1240760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1240760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3510" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3520" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-25.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-25.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securitytracker.com/id/1035215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035215" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-3" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315578", "reference_id": "1315578", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315578" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1962", "reference_id": "CVE-2016-1962", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1962" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-25", "reference_id": "mfsa2016-25", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0373", "reference_id": "RHSA-2016:0373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0373" }, { "reference_url": "https://usn.ubuntu.com/2917-1/", "reference_id": "USN-2917-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2917-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571079?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19cb-y1de-u3bn" }, { "vulnerability": "VCID-1tcx-3zn1-ykdq" }, { "vulnerability": "VCID-2ptm-gx1p-uyhf" }, { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-3dea-vjmc-b7eb" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4azu-y4y6-nyff" }, { "vulnerability": "VCID-4d2q-usge-77ft" }, { "vulnerability": "VCID-4hnb-y6bt-4fb1" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-545u-wnrj-z3dh" }, { "vulnerability": "VCID-5dyh-s3yd-vqes" }, { "vulnerability": "VCID-5n3q-eby7-67de" }, { "vulnerability": "VCID-5wqt-2dtu-8qa4" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-67my-umrg-wkgm" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-84kk-wfxx-t3c8" }, { "vulnerability": "VCID-86q8-2yv7-efez" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-avw6-7aqv-hbaa" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-bjyq-1zfk-eugq" }, { "vulnerability": "VCID-bp6q-cu6s-2ke7" }, { "vulnerability": "VCID-bwm1-yauc-xudu" }, { "vulnerability": "VCID-c3ex-zw8a-6bcy" }, { "vulnerability": "VCID-c83b-ttr4-83em" }, { "vulnerability": "VCID-c8p3-ef58-wudt" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-dk4z-1j37-aucx" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecm1-2298-mkfm" }, { "vulnerability": "VCID-ekxy-vaed-u7cg" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-fjam-jfc1-pkbv" }, { "vulnerability": "VCID-gcen-3yba-a3ht" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-hyhc-qud7-6uax" }, { "vulnerability": "VCID-j2ga-ggcd-fkg1" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-j6x8-vnns-1yfg" }, { "vulnerability": "VCID-j7wt-w5x2-nye4" }, { "vulnerability": "VCID-jfw1-18np-47b8" }, { "vulnerability": "VCID-js15-jev6-6fbs" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-k131-mfqm-dka9" }, { "vulnerability": "VCID-k5hu-n47k-wffm" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-m59v-ygc2-qucg" }, { "vulnerability": "VCID-mupu-c1j2-xkgs" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-nr84-88hy-6fah" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pbrt-gcqj-kycv" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q4x5-dz5r-jqgr" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-qptm-f15t-57gj" }, { "vulnerability": "VCID-qtp4-ada6-tydd" }, { "vulnerability": "VCID-qu91-vc1p-dyb1" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-rsda-j27d-8bdc" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-tb9n-zfut-ubht" }, { "vulnerability": "VCID-tgya-wnfn-t7eb" }, { "vulnerability": "VCID-tjjd-y1pq-ckf4" }, { "vulnerability": "VCID-ut8d-5w7x-4qg2" }, { "vulnerability": "VCID-va34-kurf-uycj" }, { "vulnerability": "VCID-va3j-erp3-3ugy" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-wgxa-54sd-rqd6" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yegk-sgdn-z3ae" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-ysg5-wc3n-fbgw" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z4ad-5vm8-t3g2" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-1962" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tb9n-zfut-ubht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56748?format=api", "vulnerability_id": "VCID-tgya-wnfn-t7eb", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2780.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2780.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9066.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9066.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9066", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.20609", "scoring_system": "epss", "scoring_elements": "0.95578", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.20609", "scoring_system": "epss", "scoring_elements": "0.95577", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.20609", "scoring_system": "epss", "scoring_elements": "0.95544", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.20609", "scoring_system": "epss", "scoring_elements": "0.95575", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.20609", "scoring_system": "epss", "scoring_elements": "0.95571", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.20609", "scoring_system": "epss", "scoring_elements": "0.95568", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.20609", "scoring_system": "epss", "scoring_elements": "0.95561", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.20609", "scoring_system": "epss", "scoring_elements": "0.95558", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.20609", "scoring_system": "epss", "scoring_elements": "0.95553", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9066" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1299686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1299686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2016/dsa-3730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2016/dsa-3730" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-89/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-89/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-90/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-90/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-93/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-93/" }, { "reference_url": "http://www.securityfocus.com/bid/94336", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/94336" }, { "reference_url": "http://www.securitytracker.com/id/1037298", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037298" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395061", "reference_id": "1395061", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395061" }, { "reference_url": "https://security.archlinux.org/ASA-201611-16", "reference_id": "ASA-201611-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-16" }, { "reference_url": "https://security.archlinux.org/AVG-72", "reference_id": "AVG-72", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-72" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9066", "reference_id": "CVE-2016-9066", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9066" }, { "reference_url": "https://security.gentoo.org/glsa/201701-15", "reference_id": "GLSA-201701-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90", "reference_id": "mfsa2016-90", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93", "reference_id": "mfsa2016-93", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2780", "reference_id": "RHSA-2016:2780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2780" }, { "reference_url": "https://usn.ubuntu.com/3124-1/", "reference_id": "USN-3124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3124-1/" }, { "reference_url": "https://usn.ubuntu.com/3141-1/", "reference_id": "USN-3141-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3141-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-9066" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tgya-wnfn-t7eb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41547?format=api", "vulnerability_id": "VCID-tjjd-y1pq-ckf4", "summary": "Multiple vulnerabilities have been found in Mozilla Thunderbird,\n the worst of which could lead to the execution of arbitrary code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0190.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0238.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5390.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5390.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01748", "scoring_system": "epss", "scoring_elements": "0.82545", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01748", "scoring_system": "epss", "scoring_elements": "0.82549", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01748", "scoring_system": "epss", "scoring_elements": "0.82473", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01748", "scoring_system": "epss", "scoring_elements": "0.82554", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01748", "scoring_system": "epss", "scoring_elements": "0.82536", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01748", "scoring_system": "epss", "scoring_elements": "0.82528", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01748", "scoring_system": "epss", "scoring_elements": "0.82501", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01748", "scoring_system": "epss", "scoring_elements": "0.82487", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01748", "scoring_system": "epss", "scoring_elements": "0.82505", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5390" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1297361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1297361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5410" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3771" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3832" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-01/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-02/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-02/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-03/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2017-03/" }, { "reference_url": "http://www.securityfocus.com/bid/95769", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95769" }, { "reference_url": "http://www.securitytracker.com/id/1037693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037693" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416279", "reference_id": "1416279", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416279" }, { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/ASA-201701-40", "reference_id": "ASA-201701-40", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-40" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://security.archlinux.org/AVG-158", "reference_id": "AVG-158", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-158" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5390", "reference_id": "CVE-2017-5390", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5390" }, { "reference_url": "https://security.gentoo.org/glsa/201702-13", "reference_id": "GLSA-201702-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-13" }, { "reference_url": "https://security.gentoo.org/glsa/201702-22", "reference_id": "GLSA-201702-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-22" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02", "reference_id": "mfsa2017-02", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03", "reference_id": "mfsa2017-03", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0190", "reference_id": "RHSA-2017:0190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0238", "reference_id": "RHSA-2017:0238", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0238" }, { "reference_url": "https://usn.ubuntu.com/3165-1/", "reference_id": "USN-3165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3165-1/" }, { "reference_url": "https://usn.ubuntu.com/3175-1/", "reference_id": "USN-3175-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3175-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2017-5390" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tjjd-y1pq-ckf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51750?format=api", "vulnerability_id": "VCID-ut8d-5w7x-4qg2", "summary": "Multiple vulnerabilities have been found in Firefox, Thunderbird,\n Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n the worst of which may allow remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1964.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1964.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1964", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72031", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.71984", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72038", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72062", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72046", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.71991", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72011", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.71987", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72026", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1964" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1243335", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1243335" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3510" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3520" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-27.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-27.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securitytracker.com/id/1035215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035215" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-3" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2934-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2934-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315774", "reference_id": "1315774", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315774" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1964", "reference_id": "CVE-2016-1964", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1964" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-27", "reference_id": "mfsa2016-27", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0373", "reference_id": "RHSA-2016:0373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0460", "reference_id": "RHSA-2016:0460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0460" }, { "reference_url": "https://usn.ubuntu.com/2917-1/", "reference_id": "USN-2917-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2917-1/" }, { "reference_url": "https://usn.ubuntu.com/2934-1/", "reference_id": "USN-2934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571079?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19cb-y1de-u3bn" }, { "vulnerability": "VCID-1tcx-3zn1-ykdq" }, { "vulnerability": "VCID-2ptm-gx1p-uyhf" }, { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-3dea-vjmc-b7eb" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4azu-y4y6-nyff" }, { "vulnerability": "VCID-4d2q-usge-77ft" }, { "vulnerability": "VCID-4hnb-y6bt-4fb1" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-545u-wnrj-z3dh" }, { "vulnerability": "VCID-5dyh-s3yd-vqes" }, { "vulnerability": "VCID-5n3q-eby7-67de" }, { "vulnerability": "VCID-5wqt-2dtu-8qa4" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-67my-umrg-wkgm" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-84kk-wfxx-t3c8" }, { "vulnerability": "VCID-86q8-2yv7-efez" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-avw6-7aqv-hbaa" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-bjyq-1zfk-eugq" }, { "vulnerability": "VCID-bp6q-cu6s-2ke7" }, { "vulnerability": "VCID-bwm1-yauc-xudu" }, { "vulnerability": "VCID-c3ex-zw8a-6bcy" }, { "vulnerability": "VCID-c83b-ttr4-83em" }, { "vulnerability": "VCID-c8p3-ef58-wudt" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-dk4z-1j37-aucx" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecm1-2298-mkfm" }, { "vulnerability": "VCID-ekxy-vaed-u7cg" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-fjam-jfc1-pkbv" }, { "vulnerability": "VCID-gcen-3yba-a3ht" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-hyhc-qud7-6uax" }, { "vulnerability": "VCID-j2ga-ggcd-fkg1" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-j6x8-vnns-1yfg" }, { "vulnerability": "VCID-j7wt-w5x2-nye4" }, { "vulnerability": "VCID-jfw1-18np-47b8" }, { "vulnerability": "VCID-js15-jev6-6fbs" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-k131-mfqm-dka9" }, { "vulnerability": "VCID-k5hu-n47k-wffm" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-m59v-ygc2-qucg" }, { "vulnerability": "VCID-mupu-c1j2-xkgs" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-nr84-88hy-6fah" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pbrt-gcqj-kycv" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q4x5-dz5r-jqgr" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-qptm-f15t-57gj" }, { "vulnerability": "VCID-qtp4-ada6-tydd" }, { "vulnerability": "VCID-qu91-vc1p-dyb1" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-rsda-j27d-8bdc" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-tb9n-zfut-ubht" }, { "vulnerability": "VCID-tgya-wnfn-t7eb" }, { "vulnerability": "VCID-tjjd-y1pq-ckf4" }, { "vulnerability": "VCID-ut8d-5w7x-4qg2" }, { "vulnerability": "VCID-va34-kurf-uycj" }, { "vulnerability": "VCID-va3j-erp3-3ugy" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-wgxa-54sd-rqd6" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yegk-sgdn-z3ae" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-ysg5-wc3n-fbgw" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z4ad-5vm8-t3g2" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-1964" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ut8d-5w7x-4qg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43506?format=api", "vulnerability_id": "VCID-va34-kurf-uycj", "summary": "Multiple vulnerabilities have been found in Graphite, the worst of\n which could lead to the remote execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2793.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2793.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2793", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.6834", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68276", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.6836", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68386", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68373", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68296", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68316", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68292", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68343", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2793" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1243513", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1243513" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3510" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3515" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3520" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-37.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securityfocus.com/bid/84222", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/84222" }, { "reference_url": "http://www.securitytracker.com/id/1035215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035215" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-3" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2927-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2927-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2934-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2934-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795", "reference_id": "1315795", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315795" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2793", "reference_id": "CVE-2016-2793", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2793" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://security.gentoo.org/glsa/201701-63", "reference_id": "GLSA-201701-63", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-63" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37", "reference_id": "mfsa2016-37", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0373", "reference_id": "RHSA-2016:0373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0460", "reference_id": "RHSA-2016:0460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0460" }, { "reference_url": "https://usn.ubuntu.com/2917-1/", "reference_id": "USN-2917-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2917-1/" }, { "reference_url": "https://usn.ubuntu.com/2927-1/", "reference_id": "USN-2927-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2927-1/" }, { "reference_url": "https://usn.ubuntu.com/2934-1/", "reference_id": "USN-2934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571079?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19cb-y1de-u3bn" }, { "vulnerability": "VCID-1tcx-3zn1-ykdq" }, { "vulnerability": "VCID-2ptm-gx1p-uyhf" }, { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-3dea-vjmc-b7eb" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4azu-y4y6-nyff" }, { "vulnerability": "VCID-4d2q-usge-77ft" }, { "vulnerability": "VCID-4hnb-y6bt-4fb1" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-545u-wnrj-z3dh" }, { "vulnerability": "VCID-5dyh-s3yd-vqes" }, { "vulnerability": "VCID-5n3q-eby7-67de" }, { "vulnerability": "VCID-5wqt-2dtu-8qa4" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-67my-umrg-wkgm" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-84kk-wfxx-t3c8" }, { "vulnerability": "VCID-86q8-2yv7-efez" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-avw6-7aqv-hbaa" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-bjyq-1zfk-eugq" }, { "vulnerability": "VCID-bp6q-cu6s-2ke7" }, { "vulnerability": "VCID-bwm1-yauc-xudu" }, { "vulnerability": "VCID-c3ex-zw8a-6bcy" }, { "vulnerability": "VCID-c83b-ttr4-83em" }, { "vulnerability": "VCID-c8p3-ef58-wudt" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-dk4z-1j37-aucx" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecm1-2298-mkfm" }, { "vulnerability": "VCID-ekxy-vaed-u7cg" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-fjam-jfc1-pkbv" }, { "vulnerability": "VCID-gcen-3yba-a3ht" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-hyhc-qud7-6uax" }, { "vulnerability": "VCID-j2ga-ggcd-fkg1" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-j6x8-vnns-1yfg" }, { "vulnerability": "VCID-j7wt-w5x2-nye4" }, { "vulnerability": "VCID-jfw1-18np-47b8" }, { "vulnerability": "VCID-js15-jev6-6fbs" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-k131-mfqm-dka9" }, { "vulnerability": "VCID-k5hu-n47k-wffm" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-m59v-ygc2-qucg" }, { "vulnerability": "VCID-mupu-c1j2-xkgs" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-nr84-88hy-6fah" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pbrt-gcqj-kycv" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q4x5-dz5r-jqgr" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-qptm-f15t-57gj" }, { "vulnerability": "VCID-qtp4-ada6-tydd" }, { "vulnerability": "VCID-qu91-vc1p-dyb1" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-rsda-j27d-8bdc" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-tb9n-zfut-ubht" }, { "vulnerability": "VCID-tgya-wnfn-t7eb" }, { "vulnerability": "VCID-tjjd-y1pq-ckf4" }, { "vulnerability": "VCID-ut8d-5w7x-4qg2" }, { "vulnerability": "VCID-va34-kurf-uycj" }, { "vulnerability": "VCID-va3j-erp3-3ugy" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-wgxa-54sd-rqd6" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yegk-sgdn-z3ae" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-ysg5-wc3n-fbgw" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z4ad-5vm8-t3g2" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2793" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-va34-kurf-uycj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56644?format=api", "vulnerability_id": "VCID-va3j-erp3-3ugy", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0695.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0695.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1041.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1041.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2807.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2807.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2807", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.82682", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.82616", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.82668", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.82674", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.82692", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.82686", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.82631", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.82646", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.82642", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2807" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1187420", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1187420" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1252707", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1252707" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1254164", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1254164" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1254622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1254622" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1254876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1254876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3559", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3559" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3576", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3576" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-39.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-39.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.securitytracker.com/id/1035692", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035692" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2936-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2936-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2936-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2936-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2936-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2936-3" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2973-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2973-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330271", "reference_id": "1330271", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1330271" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2807", "reference_id": "CVE-2016-2807", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2807" }, { "reference_url": "https://security.gentoo.org/glsa/201701-15", "reference_id": "GLSA-201701-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-39", "reference_id": "mfsa2016-39", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-39" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0695", "reference_id": "RHSA-2016:0695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1041", "reference_id": "RHSA-2016:1041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1041" }, { "reference_url": "https://usn.ubuntu.com/2936-1/", "reference_id": "USN-2936-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2936-1/" }, { "reference_url": "https://usn.ubuntu.com/2973-1/", "reference_id": "USN-2973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2807" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-va3j-erp3-3ugy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56677?format=api", "vulnerability_id": "VCID-wgxa-54sd-rqd6", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1551.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1551.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1809.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1809.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2836.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2836.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2836", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00533", "scoring_system": "epss", "scoring_elements": "0.67304", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00533", "scoring_system": "epss", "scoring_elements": "0.67379", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00533", "scoring_system": "epss", "scoring_elements": "0.67391", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00533", "scoring_system": "epss", "scoring_elements": "0.67405", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00533", "scoring_system": "epss", "scoring_elements": "0.67425", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00533", "scoring_system": "epss", "scoring_elements": "0.67413", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00533", "scoring_system": "epss", "scoring_elements": "0.6734", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00533", "scoring_system": "epss", "scoring_elements": "0.67363", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2836" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1154923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1154923" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1249578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1249578" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1257765", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1257765" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1258079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1258079" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1268626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1268626" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1282502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1282502" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1283823", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1283823" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=822081", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=822081" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3640", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3640" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-62.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-62.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" }, { "reference_url": "http://www.securityfocus.com/bid/92261", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/92261" }, { "reference_url": "http://www.securitytracker.com/id/1036508", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036508" }, { "reference_url": "http://www.ubuntu.com/usn/USN-3044-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-3044-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1361974", "reference_id": "1361974", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1361974" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2836", "reference_id": "CVE-2016-2836", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2836" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2836", "reference_id": "CVE-2016-2836", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2836" }, { "reference_url": "https://security.gentoo.org/glsa/201701-15", "reference_id": "GLSA-201701-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-62", "reference_id": "mfsa2016-62", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-62" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1551", "reference_id": "RHSA-2016:1551", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1551" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1809", "reference_id": "RHSA-2016:1809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1809" }, { "reference_url": "https://usn.ubuntu.com/3044-1/", "reference_id": "USN-3044-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3044-1/" }, { "reference_url": "https://usn.ubuntu.com/3073-1/", "reference_id": "USN-3073-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3073-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-2836" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wgxa-54sd-rqd6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56745?format=api", "vulnerability_id": "VCID-yegk-sgdn-z3ae", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2780.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2780.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5296.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5296.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5296", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0257", "scoring_system": "epss", "scoring_elements": "0.8554", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0257", "scoring_system": "epss", "scoring_elements": "0.85544", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0257", "scoring_system": "epss", "scoring_elements": "0.85469", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0257", "scoring_system": "epss", "scoring_elements": "0.85545", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0257", "scoring_system": "epss", "scoring_elements": "0.85531", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0257", "scoring_system": "epss", "scoring_elements": "0.85522", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0257", "scoring_system": "epss", "scoring_elements": "0.85502", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0257", "scoring_system": "epss", "scoring_elements": "0.85498", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0257", "scoring_system": "epss", "scoring_elements": "0.85481", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5296" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1292443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1292443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9079" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2016/dsa-3730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2016/dsa-3730" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-89/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-89/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-90/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-90/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-93/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-93/" }, { "reference_url": "http://www.securityfocus.com/bid/94339", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/94339" }, { "reference_url": "http://www.securitytracker.com/id/1037298", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037298" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395055", "reference_id": "1395055", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395055" }, { "reference_url": "https://security.archlinux.org/ASA-201611-16", "reference_id": "ASA-201611-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-16" }, { "reference_url": "https://security.archlinux.org/AVG-72", "reference_id": "AVG-72", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-72" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5296", "reference_id": "CVE-2016-5296", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5296" }, { "reference_url": "https://security.gentoo.org/glsa/201701-15", "reference_id": "GLSA-201701-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89", "reference_id": "mfsa2016-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-89" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90", "reference_id": "mfsa2016-90", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-90" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93", "reference_id": "mfsa2016-93", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-93" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2780", "reference_id": "RHSA-2016:2780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2780" }, { "reference_url": "https://usn.ubuntu.com/3124-1/", "reference_id": "USN-3124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3124-1/" }, { "reference_url": "https://usn.ubuntu.com/3141-1/", "reference_id": "USN-3141-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3141-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-5296" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yegk-sgdn-z3ae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56752?format=api", "vulnerability_id": "VCID-ysg5-wc3n-fbgw", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox and\n Thunderbird the worst of which could lead to the execution of arbitrary\n code.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2946.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2946.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2973.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2973.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9893.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9893.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9893", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02683", "scoring_system": "epss", "scoring_elements": "0.85849", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02683", "scoring_system": "epss", "scoring_elements": "0.85853", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02683", "scoring_system": "epss", "scoring_elements": "0.85776", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02683", "scoring_system": "epss", "scoring_elements": "0.85856", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02683", "scoring_system": "epss", "scoring_elements": "0.85842", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02683", "scoring_system": "epss", "scoring_elements": "0.85831", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02683", "scoring_system": "epss", "scoring_elements": "0.85813", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02683", "scoring_system": "epss", "scoring_elements": "0.85807", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02683", "scoring_system": "epss", "scoring_elements": "0.85789", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9893" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1319524%2C1298773%2C1299098%2C1309834%2C1312609%2C1313212%2C1317805%2C1312548%2C1315631%2C1287912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1319524%2C1298773%2C1299098%2C1309834%2C1312609%2C1313212%2C1317805%2C1312548%2C1315631%2C1287912" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3757" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-94/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-94/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-95/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-95/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2016-96/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2016-96/" }, { "reference_url": "http://www.securityfocus.com/bid/94885", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/94885" }, { "reference_url": "http://www.securitytracker.com/id/1037461", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037461" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404096", "reference_id": "1404096", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404096" }, { "reference_url": "https://security.archlinux.org/ASA-201612-15", "reference_id": "ASA-201612-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201612-15" }, { "reference_url": "https://security.archlinux.org/AVG-106", "reference_id": "AVG-106", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-106" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9893", "reference_id": "CVE-2016-9893", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9893" }, { "reference_url": "https://security.gentoo.org/glsa/201701-15", "reference_id": "GLSA-201701-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94", "reference_id": "mfsa2016-94", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-94" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95", "reference_id": "mfsa2016-95", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-95" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96", "reference_id": "mfsa2016-96", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-96" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2946", "reference_id": "RHSA-2016:2946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2973", "reference_id": "RHSA-2016:2973", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2973" }, { "reference_url": "https://usn.ubuntu.com/3155-1/", "reference_id": "USN-3155-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3155-1/" }, { "reference_url": "https://usn.ubuntu.com/3165-1/", "reference_id": "USN-3165-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3165-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-9893" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ysg5-wc3n-fbgw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51752?format=api", "vulnerability_id": "VCID-z4ad-5vm8-t3g2", "summary": "Multiple vulnerabilities have been found in Firefox, Thunderbird,\n Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n the worst of which may allow remote execution of arbitrary code.", "references": [ { "reference_url": "http://hg.mozilla.org/releases/mozilla-release/rev/f0d2911a9a4e", "reference_id": "", "reference_type": "", "scores": [], "url": "http://hg.mozilla.org/releases/mozilla-release/rev/f0d2911a9a4e" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1966.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1966.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1966", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.74003", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.73955", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.74006", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.74028", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.7401", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.73962", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.73987", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.73958", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.73992", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1966" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1246054", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1246054" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3510", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3510" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3520" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-31.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-31.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.securitytracker.com/id/1035215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035215" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2917-3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2917-3" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2934-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2934-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315778", "reference_id": "1315778", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315778" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1966", "reference_id": "CVE-2016-1966", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1966" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-31", "reference_id": "mfsa2016-31", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-31" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0373", "reference_id": "RHSA-2016:0373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0460", "reference_id": "RHSA-2016:0460", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0460" }, { "reference_url": "https://usn.ubuntu.com/2917-1/", "reference_id": "USN-2917-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2917-1/" }, { "reference_url": "https://usn.ubuntu.com/2934-1/", "reference_id": "USN-2934-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2934-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571079?format=api", "purl": "pkg:deb/debian/icedove@38.7.0-1~deb7u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19cb-y1de-u3bn" }, { "vulnerability": "VCID-1tcx-3zn1-ykdq" }, { "vulnerability": "VCID-2ptm-gx1p-uyhf" }, { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-3dea-vjmc-b7eb" }, { "vulnerability": "VCID-3ehk-593t-abcp" }, { "vulnerability": "VCID-3nup-1513-ybaq" }, { "vulnerability": "VCID-3tww-nhmh-gua6" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4azu-y4y6-nyff" }, { "vulnerability": "VCID-4d2q-usge-77ft" }, { "vulnerability": "VCID-4hnb-y6bt-4fb1" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-545u-wnrj-z3dh" }, { "vulnerability": "VCID-5dyh-s3yd-vqes" }, { "vulnerability": "VCID-5n3q-eby7-67de" }, { "vulnerability": "VCID-5wqt-2dtu-8qa4" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-667g-8khd-kkhm" }, { "vulnerability": "VCID-67my-umrg-wkgm" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-84kk-wfxx-t3c8" }, { "vulnerability": "VCID-86q8-2yv7-efez" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-avw6-7aqv-hbaa" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-bjyq-1zfk-eugq" }, { "vulnerability": "VCID-bp6q-cu6s-2ke7" }, { "vulnerability": "VCID-bwm1-yauc-xudu" }, { "vulnerability": "VCID-c3ex-zw8a-6bcy" }, { "vulnerability": "VCID-c83b-ttr4-83em" }, { "vulnerability": "VCID-c8p3-ef58-wudt" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-dk4z-1j37-aucx" }, { "vulnerability": "VCID-dxr7-qubc-tyb7" }, { "vulnerability": "VCID-ecm1-2298-mkfm" }, { "vulnerability": "VCID-ekxy-vaed-u7cg" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-fjam-jfc1-pkbv" }, { "vulnerability": "VCID-gcen-3yba-a3ht" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-hyhc-qud7-6uax" }, { "vulnerability": "VCID-j2ga-ggcd-fkg1" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-j6x8-vnns-1yfg" }, { "vulnerability": "VCID-j7wt-w5x2-nye4" }, { "vulnerability": "VCID-jfw1-18np-47b8" }, { "vulnerability": "VCID-js15-jev6-6fbs" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-jwze-7mfw-r3ax" }, { "vulnerability": "VCID-k131-mfqm-dka9" }, { "vulnerability": "VCID-k5hu-n47k-wffm" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-m59v-ygc2-qucg" }, { "vulnerability": "VCID-mupu-c1j2-xkgs" }, { "vulnerability": "VCID-npyt-d8qr-wqdj" }, { "vulnerability": "VCID-nr84-88hy-6fah" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pbrt-gcqj-kycv" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q4x5-dz5r-jqgr" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-qptm-f15t-57gj" }, { "vulnerability": "VCID-qtp4-ada6-tydd" }, { "vulnerability": "VCID-qu91-vc1p-dyb1" }, { "vulnerability": "VCID-r8en-yg26-w3a1" }, { "vulnerability": "VCID-rsda-j27d-8bdc" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-t4bj-qz9s-s7eb" }, { "vulnerability": "VCID-tb9n-zfut-ubht" }, { "vulnerability": "VCID-tgya-wnfn-t7eb" }, { "vulnerability": "VCID-tjjd-y1pq-ckf4" }, { "vulnerability": "VCID-ut8d-5w7x-4qg2" }, { "vulnerability": "VCID-va34-kurf-uycj" }, { "vulnerability": "VCID-va3j-erp3-3ugy" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-wgxa-54sd-rqd6" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yegk-sgdn-z3ae" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-ysg5-wc3n-fbgw" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z4ad-5vm8-t3g2" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@38.7.0-1~deb7u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035514?format=api", "purl": "pkg:deb/debian/icedove@1:45.8.0-3~deb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cbn-278y-hkah" }, { "vulnerability": "VCID-48em-7yxs-pqf9" }, { "vulnerability": "VCID-4jqv-p541-tfa9" }, { "vulnerability": "VCID-622g-5uav-bbgd" }, { "vulnerability": "VCID-7mvz-mr2e-hyfx" }, { "vulnerability": "VCID-9k9g-4cxt-3faj" }, { "vulnerability": "VCID-awue-n9ua-hfej" }, { "vulnerability": "VCID-d7jf-wx4p-cuek" }, { "vulnerability": "VCID-dck1-2x3v-1ygr" }, { "vulnerability": "VCID-f7zd-nx3e-tba1" }, { "vulnerability": "VCID-h63e-ngr6-zqee" }, { "vulnerability": "VCID-hk7b-ckyd-7qg2" }, { "vulnerability": "VCID-hw2h-w5r2-7qhv" }, { "vulnerability": "VCID-j56s-gf2k-zqdx" }, { "vulnerability": "VCID-jwnz-gnjs-1uaa" }, { "vulnerability": "VCID-k79j-1yvn-qfd2" }, { "vulnerability": "VCID-nyn2-zf8c-67cb" }, { "vulnerability": "VCID-pmwj-2v2k-nfcb" }, { "vulnerability": "VCID-pww9-m9d4-euew" }, { "vulnerability": "VCID-q7jk-b69d-bbav" }, { "vulnerability": "VCID-qetw-2ah7-5ba4" }, { "vulnerability": "VCID-qh1k-c7ct-efg8" }, { "vulnerability": "VCID-qhes-9dcx-tbb5" }, { "vulnerability": "VCID-rsqj-18a5-23gd" }, { "vulnerability": "VCID-s558-4jac-47ft" }, { "vulnerability": "VCID-sncj-cwvy-ckdf" }, { "vulnerability": "VCID-vgwu-jbjv-xyd1" }, { "vulnerability": "VCID-xztj-hyqy-gug6" }, { "vulnerability": "VCID-xzxb-5pq8-9bfd" }, { "vulnerability": "VCID-yk2z-f6vu-93fb" }, { "vulnerability": "VCID-z3r1-zkkw-8fhq" }, { "vulnerability": "VCID-z7sd-q1rk-jqa7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" } ], "aliases": [ "CVE-2016-1966" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z4ad-5vm8-t3g2" } ], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icedove@1:45.8.0-3~deb8u1" }