Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/thunderbird@38.7.0-1?arch=el5_11

Type rpm

Namespace redhat

Name thunderbird

Version 38.7.0-1

Qualifiers

arch	el5_11

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-19cb-y1de-u3bn

vulnerability_id

VCID-19cb-y1de-u3bn

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1957.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1957.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1957

reference_id

reference_type

scores

value	0.00355
scoring_system	epss
scoring_elements	0.57851
published_at	2026-04-16T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57713
published_at	2026-04-01T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57864
published_at	2026-04-11T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57843
published_at	2026-04-12T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57822
published_at	2026-04-13T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57797
published_at	2026-04-02T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57817
published_at	2026-04-04T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57791
published_at	2026-04-07T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57846
published_at	2026-04-08T12:55:00Z

value	0.00355
scoring_system	epss
scoring_elements	0.57848
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1957

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1227052
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1227052

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-20.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-20.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315573
reference_id	1315573
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315573

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*
reference_id	cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1957

reference_id

CVE-2016-1957

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1957

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-20

reference_id

mfsa2016-20

reference_type

scores

value	low
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-20

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

aliases

CVE-2016-1957

risk_score

1.9

exploitability

0.5

weighted_severity

3.9

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-19cb-y1de-u3bn

url

VCID-4azu-y4y6-nyff

vulnerability_id

VCID-4azu-y4y6-nyff

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2794.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2794.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2794

reference_id

reference_type

scores

value	0.00875
scoring_system	epss
scoring_elements	0.75327
published_at	2026-04-16T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75235
published_at	2026-04-01T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75321
published_at	2026-04-11T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75299
published_at	2026-04-12T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75288
published_at	2026-04-13T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75238
published_at	2026-04-02T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.7527
published_at	2026-04-04T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75247
published_at	2026-04-07T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.75289
published_at	2026-04-08T12:55:00Z

value	0.00875
scoring_system	epss
scoring_elements	0.753
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2794

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243526
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243526

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2794

reference_id

CVE-2016-2794

reference_type

scores

value	9.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:C/I:C/A:C

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2794

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

aliases

CVE-2016-2794

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-4azu-y4y6-nyff

url

VCID-4hnb-y6bt-4fb1

vulnerability_id

VCID-4hnb-y6bt-4fb1

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2798.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2798.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2798

reference_id

reference_type

scores

value	0.00565
scoring_system	epss
scoring_elements	0.6846
published_at	2026-04-16T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68356
published_at	2026-04-01T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68467
published_at	2026-04-11T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68455
published_at	2026-04-12T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68422
published_at	2026-04-13T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68377
published_at	2026-04-02T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68396
published_at	2026-04-04T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68373
published_at	2026-04-07T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68423
published_at	2026-04-08T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.6844
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2798

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1248805
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1248805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2798

reference_id

CVE-2016-2798

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2798

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

aliases

CVE-2016-2798

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-4hnb-y6bt-4fb1

url

VCID-67my-umrg-wkgm

vulnerability_id

VCID-67my-umrg-wkgm

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2802.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2802.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2802

reference_id

reference_type

scores

value	0.00565
scoring_system	epss
scoring_elements	0.6846
published_at	2026-04-16T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68356
published_at	2026-04-01T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68467
published_at	2026-04-11T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68455
published_at	2026-04-12T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68422
published_at	2026-04-13T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68377
published_at	2026-04-02T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68396
published_at	2026-04-04T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68373
published_at	2026-04-07T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68423
published_at	2026-04-08T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.6844
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2802

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1248804
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1248804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2802

reference_id

CVE-2016-2802

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2802

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

aliases

CVE-2016-2802

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-67my-umrg-wkgm

url

VCID-86q8-2yv7-efez

vulnerability_id

VCID-86q8-2yv7-efez

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2790.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2790.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2790

reference_id

reference_type

scores

value	0.00565
scoring_system	epss
scoring_elements	0.6846
published_at	2026-04-16T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68356
published_at	2026-04-01T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68467
published_at	2026-04-11T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68455
published_at	2026-04-12T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68422
published_at	2026-04-13T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68377
published_at	2026-04-02T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68396
published_at	2026-04-04T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68373
published_at	2026-04-07T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68423
published_at	2026-04-08T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.6844
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2790

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243464
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243464

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2790

reference_id

CVE-2016-2790

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2790

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

aliases

CVE-2016-2790

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-86q8-2yv7-efez

url

VCID-94py-4f6r-gbf9

vulnerability_id

VCID-94py-4f6r-gbf9

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1952.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1952.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1952

reference_id

reference_type

scores

value	0.00321
scoring_system	epss
scoring_elements	0.55193
published_at	2026-04-16T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.5503
published_at	2026-04-01T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55191
published_at	2026-04-11T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55173
published_at	2026-04-12T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55154
published_at	2026-04-13T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55132
published_at	2026-04-02T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55155
published_at	2026-04-04T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.5513
published_at	2026-04-07T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.5518
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1952

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1123661
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1123661

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1221872
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1221872

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1224979
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1224979

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1234578
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1234578

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1241217
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1241217

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1242279
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1242279

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1244250
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1244250

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1244995
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1244995

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1249685
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1249685

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-16.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-16.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315566
reference_id	1315566
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315566

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*
reference_id	cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1952

reference_id

CVE-2016-1952

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1952

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-16

reference_id

mfsa2016-16

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-16

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

aliases

CVE-2016-1952

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-94py-4f6r-gbf9

url

VCID-bwm1-yauc-xudu

vulnerability_id

VCID-bwm1-yauc-xudu

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2801.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2801.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2801

reference_id

reference_type

scores

value	0.00565
scoring_system	epss
scoring_elements	0.6846
published_at	2026-04-16T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68356
published_at	2026-04-01T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68467
published_at	2026-04-11T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68455
published_at	2026-04-12T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68422
published_at	2026-04-13T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68377
published_at	2026-04-02T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68396
published_at	2026-04-04T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68373
published_at	2026-04-07T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68423
published_at	2026-04-08T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.6844
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2801

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1249920
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1249920

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2801

reference_id

CVE-2016-2801

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2801

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

aliases

CVE-2016-2801

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-bwm1-yauc-xudu

url

VCID-c83b-ttr4-83em

vulnerability_id

VCID-c83b-ttr4-83em

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2797.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2797.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2797

reference_id

reference_type

scores

value	0.00562
scoring_system	epss
scoring_elements	0.6838
published_at	2026-04-16T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68276
published_at	2026-04-01T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68386
published_at	2026-04-11T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68373
published_at	2026-04-12T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.6834
published_at	2026-04-13T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68296
published_at	2026-04-02T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68316
published_at	2026-04-04T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68292
published_at	2026-04-07T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68343
published_at	2026-04-08T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.6836
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2797

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243823
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243823

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2797

reference_id

CVE-2016-2797

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2797

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

aliases

CVE-2016-2797

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-c83b-ttr4-83em

url

VCID-ecm1-2298-mkfm

vulnerability_id

VCID-ecm1-2298-mkfm

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2799.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2799.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2799

reference_id

reference_type

scores

value	0.00646
scoring_system	epss
scoring_elements	0.70748
published_at	2026-04-16T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.7064
published_at	2026-04-01T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70735
published_at	2026-04-11T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70718
published_at	2026-04-12T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70703
published_at	2026-04-13T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70655
published_at	2026-04-02T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70673
published_at	2026-04-04T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70651
published_at	2026-04-07T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70696
published_at	2026-04-08T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70712
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2799

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1249081
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1249081

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2799

reference_id

CVE-2016-2799

reference_type

scores

value	9.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:C/I:C/A:C

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2799

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

aliases

CVE-2016-2799

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-ecm1-2298-mkfm

url

VCID-fjam-jfc1-pkbv

vulnerability_id

VCID-fjam-jfc1-pkbv

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2795.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2795.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2795

reference_id

reference_type

scores

value	0.00565
scoring_system	epss
scoring_elements	0.6846
published_at	2026-04-16T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68356
published_at	2026-04-01T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68467
published_at	2026-04-11T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68455
published_at	2026-04-12T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68422
published_at	2026-04-13T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68377
published_at	2026-04-02T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68396
published_at	2026-04-04T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68373
published_at	2026-04-07T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68423
published_at	2026-04-08T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.6844
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2795

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243597
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243597

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2795

reference_id

CVE-2016-2795

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2795

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

aliases

CVE-2016-2795

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-fjam-jfc1-pkbv

url

VCID-j6x8-vnns-1yfg

vulnerability_id

VCID-j6x8-vnns-1yfg

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2791.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2791.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2791

reference_id

reference_type

scores

value	0.00565
scoring_system	epss
scoring_elements	0.6846
published_at	2026-04-16T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68356
published_at	2026-04-01T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68467
published_at	2026-04-11T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68455
published_at	2026-04-12T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68422
published_at	2026-04-13T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68377
published_at	2026-04-02T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68396
published_at	2026-04-04T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68373
published_at	2026-04-07T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68423
published_at	2026-04-08T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.6844
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2791

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243473
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243473

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2791

reference_id

CVE-2016-2791

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2791

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

aliases

CVE-2016-2791

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-j6x8-vnns-1yfg

url

VCID-j7wt-w5x2-nye4

vulnerability_id

VCID-j7wt-w5x2-nye4

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2800.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2800.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2800

reference_id

reference_type

scores

value	0.00565
scoring_system	epss
scoring_elements	0.6846
published_at	2026-04-16T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68356
published_at	2026-04-01T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68467
published_at	2026-04-11T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68455
published_at	2026-04-12T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68422
published_at	2026-04-13T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68377
published_at	2026-04-02T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68396
published_at	2026-04-04T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68373
published_at	2026-04-07T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68423
published_at	2026-04-08T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.6844
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2800

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1249338
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1249338

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2800

reference_id

CVE-2016-2800

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2800

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

aliases

CVE-2016-2800

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-j7wt-w5x2-nye4

url

VCID-jfw1-18np-47b8

vulnerability_id

VCID-jfw1-18np-47b8

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://hg.mozilla.org/releases/mozilla-release/rev/b208427885d3
reference_id
reference_type
scores
url	http://hg.mozilla.org/releases/mozilla-release/rev/b208427885d3

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1961.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1961.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1961

reference_id

reference_type

scores

value	0.00749
scoring_system	epss
scoring_elements	0.73155
published_at	2026-04-16T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.7306
published_at	2026-04-01T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.73139
published_at	2026-04-11T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.73119
published_at	2026-04-12T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.73112
published_at	2026-04-13T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.73069
published_at	2026-04-02T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.7309
published_at	2026-04-04T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.73064
published_at	2026-04-07T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.73101
published_at	2026-04-08T12:55:00Z

value	0.00749
scoring_system	epss
scoring_elements	0.73114
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1961

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1249377
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1249377

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-24.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-24.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	http://zerodayinitiative.com/advisories/ZDI-16-199/
reference_id
reference_type
scores
url	http://zerodayinitiative.com/advisories/ZDI-16-199/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315577
reference_id	1315577
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315577

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1961

reference_id

CVE-2016-1961

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1961

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-24

reference_id

mfsa2016-24

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-24

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

aliases

CVE-2016-1961

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-jfw1-18np-47b8

url

VCID-js15-jev6-6fbs

vulnerability_id

VCID-js15-jev6-6fbs

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1960.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1960.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1960

reference_id

reference_type

scores

value	0.87057
scoring_system	epss
scoring_elements	0.99444
published_at	2026-04-16T12:55:00Z

value	0.87057
scoring_system	epss
scoring_elements	0.99436
published_at	2026-04-01T12:55:00Z

value	0.87057
scoring_system	epss
scoring_elements	0.9944
published_at	2026-04-11T12:55:00Z

value	0.87057
scoring_system	epss
scoring_elements	0.99441
published_at	2026-04-12T12:55:00Z

value	0.87057
scoring_system	epss
scoring_elements	0.99442
published_at	2026-04-13T12:55:00Z

value	0.87057
scoring_system	epss
scoring_elements	0.99435
published_at	2026-04-02T12:55:00Z

value	0.87057
scoring_system	epss
scoring_elements	0.99437
published_at	2026-04-07T12:55:00Z

value	0.87057
scoring_system	epss
scoring_elements	0.99439
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1960

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1246014
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1246014

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	https://www.exploit-db.com/exploits/42484/
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/42484/

reference_url	https://www.exploit-db.com/exploits/44294/
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/44294/

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-23.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-23.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	http://zerodayinitiative.com/advisories/ZDI-16-198/
reference_id
reference_type
scores
url	http://zerodayinitiative.com/advisories/ZDI-16-198/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315576
reference_id	1315576
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315576

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/42484.html
reference_id	CVE-2016-1960
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/42484.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1960

reference_id

CVE-2016-1960

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1960

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/44294.html
reference_id	CVE-2017-5375;CVE-2016-1960
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/44294.html

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-23

reference_id

mfsa2016-23

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-23

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

aliases

CVE-2016-1960

risk_score

10.0

exploitability

2.0

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-js15-jev6-6fbs

url

VCID-k131-mfqm-dka9

vulnerability_id

VCID-k131-mfqm-dka9

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1977.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1977.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1977

reference_id

reference_type

scores

value	0.00701
scoring_system	epss
scoring_elements	0.72071
published_at	2026-04-16T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.71984
published_at	2026-04-01T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72062
published_at	2026-04-11T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72046
published_at	2026-04-12T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72031
published_at	2026-04-13T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.71991
published_at	2026-04-02T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72011
published_at	2026-04-04T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.71987
published_at	2026-04-07T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72026
published_at	2026-04-08T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72038
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1977

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1248876
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1248876

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1977

reference_id

CVE-2016-1977

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1977

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

aliases

CVE-2016-1977

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-k131-mfqm-dka9

url

VCID-k5hu-n47k-wffm

vulnerability_id

VCID-k5hu-n47k-wffm

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2792.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2792.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2792

reference_id

reference_type

scores

value	0.00565
scoring_system	epss
scoring_elements	0.6846
published_at	2026-04-16T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68356
published_at	2026-04-01T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68467
published_at	2026-04-11T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68455
published_at	2026-04-12T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68422
published_at	2026-04-13T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68377
published_at	2026-04-02T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68396
published_at	2026-04-04T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68373
published_at	2026-04-07T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68423
published_at	2026-04-08T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.6844
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2792

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243482
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243482

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2792

reference_id

CVE-2016-2792

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2792

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

aliases

CVE-2016-2792

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-k5hu-n47k-wffm

url

VCID-nr84-88hy-6fah

vulnerability_id

VCID-nr84-88hy-6fah

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2796.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2796.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2796

reference_id

reference_type

scores

value	0.00565
scoring_system	epss
scoring_elements	0.6846
published_at	2026-04-16T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68357
published_at	2026-04-01T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68467
published_at	2026-04-11T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68455
published_at	2026-04-12T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68422
published_at	2026-04-13T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68377
published_at	2026-04-02T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68396
published_at	2026-04-04T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68373
published_at	2026-04-07T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68424
published_at	2026-04-08T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68441
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2796

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243816
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243816

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2796

reference_id

CVE-2016-2796

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2796

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

aliases

CVE-2016-2796

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-nr84-88hy-6fah

url

VCID-qtp4-ada6-tydd

vulnerability_id

VCID-qtp4-ada6-tydd

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1974.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1974.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1974

reference_id

reference_type

scores

value	0.00493
scoring_system	epss
scoring_elements	0.6575
published_at	2026-04-16T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.6563
published_at	2026-04-01T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65759
published_at	2026-04-11T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65744
published_at	2026-04-12T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65715
published_at	2026-04-13T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65679
published_at	2026-04-02T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65709
published_at	2026-04-04T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65675
published_at	2026-04-07T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65726
published_at	2026-04-08T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.65738
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1974

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1228103
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1228103

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-34.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-34.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315785
reference_id	1315785
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315785

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1974

reference_id

CVE-2016-1974

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1974

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-34

reference_id

mfsa2016-34

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-34

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

aliases

CVE-2016-1974

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-qtp4-ada6-tydd

url

VCID-rsda-j27d-8bdc

vulnerability_id

VCID-rsda-j27d-8bdc

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://hg.mozilla.org/releases/mozilla-release/rev/5154bb929236
reference_id
reference_type
scores
url	http://hg.mozilla.org/releases/mozilla-release/rev/5154bb929236

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1954.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1954.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1954

reference_id

reference_type

scores

value	0.02706
scoring_system	epss
scoring_elements	0.8591
published_at	2026-04-16T12:55:00Z

value	0.02706
scoring_system	epss
scoring_elements	0.85825
published_at	2026-04-01T12:55:00Z

value	0.02706
scoring_system	epss
scoring_elements	0.85901
published_at	2026-04-11T12:55:00Z

value	0.02706
scoring_system	epss
scoring_elements	0.85898
published_at	2026-04-12T12:55:00Z

value	0.02706
scoring_system	epss
scoring_elements	0.85892
published_at	2026-04-13T12:55:00Z

value	0.02706
scoring_system	epss
scoring_elements	0.85836
published_at	2026-04-02T12:55:00Z

value	0.02706
scoring_system	epss
scoring_elements	0.85854
published_at	2026-04-04T12:55:00Z

value	0.02706
scoring_system	epss
scoring_elements	0.85858
published_at	2026-04-07T12:55:00Z

value	0.02706
scoring_system	epss
scoring_elements	0.85876
published_at	2026-04-08T12:55:00Z

value	0.02706
scoring_system	epss
scoring_elements	0.85886
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1954

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243178
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-17.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-17.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315569
reference_id	1315569
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315569

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*
reference_id	cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1954

reference_id

CVE-2016-1954

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1954

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-17

reference_id

mfsa2016-17

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-17

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

aliases

CVE-2016-1954

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-rsda-j27d-8bdc

url

VCID-ut8d-5w7x-4qg2

vulnerability_id

VCID-ut8d-5w7x-4qg2

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1964.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1964.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1964

reference_id

reference_type

scores

value	0.00701
scoring_system	epss
scoring_elements	0.72071
published_at	2026-04-16T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.71984
published_at	2026-04-01T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72062
published_at	2026-04-11T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72046
published_at	2026-04-12T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72031
published_at	2026-04-13T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.71991
published_at	2026-04-02T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72011
published_at	2026-04-04T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.71987
published_at	2026-04-07T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72026
published_at	2026-04-08T12:55:00Z

value	0.00701
scoring_system	epss
scoring_elements	0.72038
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1964

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243335
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243335

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-27.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-27.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315774
reference_id	1315774
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315774

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1964

reference_id

CVE-2016-1964

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1964

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-27

reference_id

mfsa2016-27

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-27

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

aliases

CVE-2016-1964

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-ut8d-5w7x-4qg2

url

VCID-va34-kurf-uycj

vulnerability_id

VCID-va34-kurf-uycj

summary

Multiple vulnerabilities have been found in Graphite, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2793.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2793.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2793

reference_id

reference_type

scores

value	0.00562
scoring_system	epss
scoring_elements	0.6838
published_at	2026-04-16T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68276
published_at	2026-04-01T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68386
published_at	2026-04-11T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68373
published_at	2026-04-12T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.6834
published_at	2026-04-13T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68296
published_at	2026-04-02T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68316
published_at	2026-04-04T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68292
published_at	2026-04-07T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.68343
published_at	2026-04-08T12:55:00Z

value	0.00562
scoring_system	epss
scoring_elements	0.6836
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2793

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243513
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1243513

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3515
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3515

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-37.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84222
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84222

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2927-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2927-1

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795
reference_id	1315795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315795

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::
reference_id	cpe:2.3:a:sil:graphite2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sil:graphite2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2793

reference_id

CVE-2016-2793

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2793

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-63
reference_id	GLSA-201701-63
reference_type
scores
url	https://security.gentoo.org/glsa/201701-63

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_id

mfsa2016-37

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-37

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2927-1/
reference_id	USN-2927-1
reference_type
scores
url	https://usn.ubuntu.com/2927-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

aliases

CVE-2016-2793

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-va34-kurf-uycj

url

VCID-z4ad-5vm8-t3g2

vulnerability_id

VCID-z4ad-5vm8-t3g2

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://hg.mozilla.org/releases/mozilla-release/rev/f0d2911a9a4e
reference_id
reference_type
scores
url	http://hg.mozilla.org/releases/mozilla-release/rev/f0d2911a9a4e

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1966.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1966.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1966

reference_id

reference_type

scores

value	0.00797
scoring_system	epss
scoring_elements	0.74042
published_at	2026-04-16T12:55:00Z

value	0.00797
scoring_system	epss
scoring_elements	0.73955
published_at	2026-04-01T12:55:00Z

value	0.00797
scoring_system	epss
scoring_elements	0.74028
published_at	2026-04-11T12:55:00Z

value	0.00797
scoring_system	epss
scoring_elements	0.7401
published_at	2026-04-12T12:55:00Z

value	0.00797
scoring_system	epss
scoring_elements	0.74003
published_at	2026-04-13T12:55:00Z

value	0.00797
scoring_system	epss
scoring_elements	0.73962
published_at	2026-04-02T12:55:00Z

value	0.00797
scoring_system	epss
scoring_elements	0.73987
published_at	2026-04-04T12:55:00Z

value	0.00797
scoring_system	epss
scoring_elements	0.73958
published_at	2026-04-07T12:55:00Z

value	0.00797
scoring_system	epss
scoring_elements	0.73992
published_at	2026-04-08T12:55:00Z

value	0.00797
scoring_system	epss
scoring_elements	0.74006
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1966

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1246054
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1246054

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802

reference_url	http://www.debian.org/security/2016/dsa-3510
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3510

reference_url	http://www.debian.org/security/2016/dsa-3520
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3520

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-31.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-31.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2917-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-1

reference_url	http://www.ubuntu.com/usn/USN-2917-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-2

reference_url	http://www.ubuntu.com/usn/USN-2917-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2917-3

reference_url	http://www.ubuntu.com/usn/USN-2934-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2934-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315778
reference_id	1315778
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315778

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*
reference_id	cpe:2.3:o:oracle:linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1966

reference_id

CVE-2016-1966

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1966

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-31

reference_id

mfsa2016-31

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-31

reference_url	https://access.redhat.com/errata/RHSA-2016:0373
reference_id	RHSA-2016:0373
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0373

reference_url	https://access.redhat.com/errata/RHSA-2016:0460
reference_id	RHSA-2016:0460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0460

reference_url	https://usn.ubuntu.com/2917-1/
reference_id	USN-2917-1
reference_type
scores
url	https://usn.ubuntu.com/2917-1/

reference_url	https://usn.ubuntu.com/2934-1/
reference_id	USN-2934-1
reference_type
scores
url	https://usn.ubuntu.com/2934-1/

fixed_packages

aliases

CVE-2016-1966

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-z4ad-5vm8-t3g2

Fixing_vulnerabilities

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@38.7.0-1%3Farch=el5_11

Package Instance