Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/firefox-esr@45.6.0?arch=x86&distroversion=v3.4&reponame=community
Typeapk
Namespacealpine
Namefirefox-esr
Version45.6.0
Qualifiers
arch x86
distroversion v3.4
reponame community
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-1tcx-3zn1-ykdq
vulnerability_id VCID-1tcx-3zn1-ykdq
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2946.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2946.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9904.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9904.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9904
reference_id
reference_type
scores
0
value 0.01192
scoring_system epss
scoring_elements 0.78873
published_at 2026-04-16T12:55:00Z
1
value 0.01192
scoring_system epss
scoring_elements 0.78833
published_at 2026-04-04T12:55:00Z
2
value 0.01192
scoring_system epss
scoring_elements 0.78816
published_at 2026-04-07T12:55:00Z
3
value 0.01192
scoring_system epss
scoring_elements 0.78841
published_at 2026-04-08T12:55:00Z
4
value 0.01192
scoring_system epss
scoring_elements 0.78848
published_at 2026-04-09T12:55:00Z
5
value 0.01192
scoring_system epss
scoring_elements 0.78871
published_at 2026-04-11T12:55:00Z
6
value 0.01192
scoring_system epss
scoring_elements 0.78854
published_at 2026-04-12T12:55:00Z
7
value 0.01192
scoring_system epss
scoring_elements 0.78845
published_at 2026-04-13T12:55:00Z
8
value 0.01192
scoring_system epss
scoring_elements 0.78797
published_at 2026-04-01T12:55:00Z
9
value 0.01192
scoring_system epss
scoring_elements 0.78804
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9904
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1317936
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1317936
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
14
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
15
reference_url https://www.debian.org/security/2017/dsa-3757
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3757
16
reference_url https://www.mozilla.org/security/advisories/mfsa2016-94/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-94/
17
reference_url https://www.mozilla.org/security/advisories/mfsa2016-95/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-95/
18
reference_url https://www.mozilla.org/security/advisories/mfsa2016-96/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-96/
19
reference_url http://www.securityfocus.com/bid/94885
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94885
20
reference_url http://www.securitytracker.com/id/1037461
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037461
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1404091
reference_id 1404091
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1404091
22
reference_url https://security.archlinux.org/ASA-201612-15
reference_id ASA-201612-15
reference_type
scores
url https://security.archlinux.org/ASA-201612-15
23
reference_url https://security.archlinux.org/AVG-106
reference_id AVG-106
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-106
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9904
reference_id CVE-2016-9904
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2016-9904
37
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
38
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
reference_id mfsa2016-94
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
39
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
reference_id mfsa2016-95
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
40
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
reference_id mfsa2016-96
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
41
reference_url https://access.redhat.com/errata/RHSA-2016:2946
reference_id RHSA-2016:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2946
42
reference_url https://usn.ubuntu.com/3155-1/
reference_id USN-3155-1
reference_type
scores
url https://usn.ubuntu.com/3155-1/
43
reference_url https://usn.ubuntu.com/3165-1/
reference_id USN-3165-1
reference_type
scores
url https://usn.ubuntu.com/3165-1/
fixed_packages
0
url pkg:apk/alpine/firefox-esr@45.6.0?arch=x86&distroversion=v3.4&reponame=community
purl pkg:apk/alpine/firefox-esr@45.6.0?arch=x86&distroversion=v3.4&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@45.6.0%3Farch=x86&distroversion=v3.4&reponame=community
aliases CVE-2016-9904
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1tcx-3zn1-ykdq
1
url VCID-2ptm-gx1p-uyhf
vulnerability_id VCID-2ptm-gx1p-uyhf
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2946.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2946.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9897.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9897.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9897
reference_id
reference_type
scores
0
value 0.0395
scoring_system epss
scoring_elements 0.88368
published_at 2026-04-16T12:55:00Z
1
value 0.0395
scoring_system epss
scoring_elements 0.88353
published_at 2026-04-13T12:55:00Z
2
value 0.0395
scoring_system epss
scoring_elements 0.88298
published_at 2026-04-01T12:55:00Z
3
value 0.0395
scoring_system epss
scoring_elements 0.88361
published_at 2026-04-11T12:55:00Z
4
value 0.0395
scoring_system epss
scoring_elements 0.88351
published_at 2026-04-09T12:55:00Z
5
value 0.0395
scoring_system epss
scoring_elements 0.88344
published_at 2026-04-08T12:55:00Z
6
value 0.0395
scoring_system epss
scoring_elements 0.88325
published_at 2026-04-07T12:55:00Z
7
value 0.0395
scoring_system epss
scoring_elements 0.8832
published_at 2026-04-04T12:55:00Z
8
value 0.0395
scoring_system epss
scoring_elements 0.88306
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9897
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1301381
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1301381
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
14
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
15
reference_url https://www.debian.org/security/2017/dsa-3757
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3757
16
reference_url https://www.mozilla.org/security/advisories/mfsa2016-94/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-94/
17
reference_url https://www.mozilla.org/security/advisories/mfsa2016-95/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-95/
18
reference_url https://www.mozilla.org/security/advisories/mfsa2016-96/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-96/
19
reference_url http://www.securityfocus.com/bid/94885
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94885
20
reference_url http://www.securitytracker.com/id/1037461
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037461
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1404087
reference_id 1404087
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1404087
22
reference_url https://security.archlinux.org/ASA-201612-15
reference_id ASA-201612-15
reference_type
scores
url https://security.archlinux.org/ASA-201612-15
23
reference_url https://security.archlinux.org/AVG-106
reference_id AVG-106
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-106
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9897
reference_id CVE-2016-9897
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-9897
35
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
36
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
reference_id mfsa2016-94
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
37
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
reference_id mfsa2016-95
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
38
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
reference_id mfsa2016-96
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
39
reference_url https://access.redhat.com/errata/RHSA-2016:2946
reference_id RHSA-2016:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2946
40
reference_url https://usn.ubuntu.com/3155-1/
reference_id USN-3155-1
reference_type
scores
url https://usn.ubuntu.com/3155-1/
41
reference_url https://usn.ubuntu.com/3165-1/
reference_id USN-3165-1
reference_type
scores
url https://usn.ubuntu.com/3165-1/
fixed_packages
0
url pkg:apk/alpine/firefox-esr@45.6.0?arch=x86&distroversion=v3.4&reponame=community
purl pkg:apk/alpine/firefox-esr@45.6.0?arch=x86&distroversion=v3.4&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@45.6.0%3Farch=x86&distroversion=v3.4&reponame=community
aliases CVE-2016-9897
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2ptm-gx1p-uyhf
2
url VCID-2xe3-59tz-zbc3
vulnerability_id VCID-2xe3-59tz-zbc3
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2946.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2946.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-2973.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2973.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9901.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9901.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9901
reference_id
reference_type
scores
0
value 0.0203
scoring_system epss
scoring_elements 0.83831
published_at 2026-04-16T12:55:00Z
1
value 0.0203
scoring_system epss
scoring_elements 0.83762
published_at 2026-04-07T12:55:00Z
2
value 0.0203
scoring_system epss
scoring_elements 0.83786
published_at 2026-04-08T12:55:00Z
3
value 0.0203
scoring_system epss
scoring_elements 0.83792
published_at 2026-04-09T12:55:00Z
4
value 0.0203
scoring_system epss
scoring_elements 0.83808
published_at 2026-04-11T12:55:00Z
5
value 0.0203
scoring_system epss
scoring_elements 0.83801
published_at 2026-04-12T12:55:00Z
6
value 0.0203
scoring_system epss
scoring_elements 0.83797
published_at 2026-04-13T12:55:00Z
7
value 0.0203
scoring_system epss
scoring_elements 0.83731
published_at 2026-04-01T12:55:00Z
8
value 0.0203
scoring_system epss
scoring_elements 0.83744
published_at 2026-04-02T12:55:00Z
9
value 0.0203
scoring_system epss
scoring_elements 0.83759
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9901
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1320057
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1320057
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://www.mozilla.org/security/advisories/mfsa2016-94/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-94/
17
reference_url https://www.mozilla.org/security/advisories/mfsa2016-95/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-95/
18
reference_url http://www.securityfocus.com/bid/94885
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94885
19
reference_url http://www.securitytracker.com/id/1037461
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037461
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1404358
reference_id 1404358
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1404358
21
reference_url https://security.archlinux.org/ASA-201612-15
reference_id ASA-201612-15
reference_type
scores
url https://security.archlinux.org/ASA-201612-15
22
reference_url https://security.archlinux.org/AVG-106
reference_id AVG-106
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-106
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:7.3:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:7.4:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9901
reference_id CVE-2016-9901
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-9901
39
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
40
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
reference_id mfsa2016-94
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
41
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
reference_id mfsa2016-95
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
42
reference_url https://access.redhat.com/errata/RHSA-2016:2946
reference_id RHSA-2016:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2946
43
reference_url https://access.redhat.com/errata/RHSA-2016:2973
reference_id RHSA-2016:2973
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2973
44
reference_url https://usn.ubuntu.com/3155-1/
reference_id USN-3155-1
reference_type
scores
url https://usn.ubuntu.com/3155-1/
fixed_packages
0
url pkg:apk/alpine/firefox-esr@45.6.0?arch=x86&distroversion=v3.4&reponame=community
purl pkg:apk/alpine/firefox-esr@45.6.0?arch=x86&distroversion=v3.4&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@45.6.0%3Farch=x86&distroversion=v3.4&reponame=community
aliases CVE-2016-9901
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2xe3-59tz-zbc3
3
url VCID-4d2q-usge-77ft
vulnerability_id VCID-4d2q-usge-77ft
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2946.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2946.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9898.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9898.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9898
reference_id
reference_type
scores
0
value 0.02604
scoring_system epss
scoring_elements 0.85645
published_at 2026-04-16T12:55:00Z
1
value 0.02604
scoring_system epss
scoring_elements 0.8558
published_at 2026-04-04T12:55:00Z
2
value 0.02604
scoring_system epss
scoring_elements 0.85585
published_at 2026-04-07T12:55:00Z
3
value 0.02604
scoring_system epss
scoring_elements 0.85605
published_at 2026-04-08T12:55:00Z
4
value 0.02604
scoring_system epss
scoring_elements 0.85616
published_at 2026-04-09T12:55:00Z
5
value 0.02604
scoring_system epss
scoring_elements 0.85629
published_at 2026-04-11T12:55:00Z
6
value 0.02604
scoring_system epss
scoring_elements 0.85626
published_at 2026-04-12T12:55:00Z
7
value 0.02604
scoring_system epss
scoring_elements 0.85622
published_at 2026-04-13T12:55:00Z
8
value 0.02604
scoring_system epss
scoring_elements 0.8555
published_at 2026-04-01T12:55:00Z
9
value 0.02604
scoring_system epss
scoring_elements 0.85562
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9898
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1314442
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1314442
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
14
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
15
reference_url https://www.debian.org/security/2017/dsa-3757
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3757
16
reference_url https://www.mozilla.org/security/advisories/mfsa2016-94/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-94/
17
reference_url https://www.mozilla.org/security/advisories/mfsa2016-95/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-95/
18
reference_url https://www.mozilla.org/security/advisories/mfsa2016-96/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-96/
19
reference_url http://www.securityfocus.com/bid/94885
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94885
20
reference_url http://www.securitytracker.com/id/1037461
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037461
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1404089
reference_id 1404089
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1404089
22
reference_url https://security.archlinux.org/ASA-201612-15
reference_id ASA-201612-15
reference_type
scores
url https://security.archlinux.org/ASA-201612-15
23
reference_url https://security.archlinux.org/AVG-106
reference_id AVG-106
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-106
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9898
reference_id CVE-2016-9898
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-9898
45
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
46
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
reference_id mfsa2016-94
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
47
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
reference_id mfsa2016-95
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
48
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
reference_id mfsa2016-96
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
49
reference_url https://access.redhat.com/errata/RHSA-2016:2946
reference_id RHSA-2016:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2946
50
reference_url https://usn.ubuntu.com/3155-1/
reference_id USN-3155-1
reference_type
scores
url https://usn.ubuntu.com/3155-1/
51
reference_url https://usn.ubuntu.com/3165-1/
reference_id USN-3165-1
reference_type
scores
url https://usn.ubuntu.com/3165-1/
fixed_packages
0
url pkg:apk/alpine/firefox-esr@45.6.0?arch=x86&distroversion=v3.4&reponame=community
purl pkg:apk/alpine/firefox-esr@45.6.0?arch=x86&distroversion=v3.4&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@45.6.0%3Farch=x86&distroversion=v3.4&reponame=community
aliases CVE-2016-9898
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4d2q-usge-77ft
4
url VCID-5dyh-s3yd-vqes
vulnerability_id VCID-5dyh-s3yd-vqes
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2946.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2946.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-2973.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2973.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9895.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9895.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9895
reference_id
reference_type
scores
0
value 0.00709
scoring_system epss
scoring_elements 0.72249
published_at 2026-04-16T12:55:00Z
1
value 0.00709
scoring_system epss
scoring_elements 0.72186
published_at 2026-04-04T12:55:00Z
2
value 0.00709
scoring_system epss
scoring_elements 0.72164
published_at 2026-04-07T12:55:00Z
3
value 0.00709
scoring_system epss
scoring_elements 0.72201
published_at 2026-04-08T12:55:00Z
4
value 0.00709
scoring_system epss
scoring_elements 0.72213
published_at 2026-04-09T12:55:00Z
5
value 0.00709
scoring_system epss
scoring_elements 0.72236
published_at 2026-04-11T12:55:00Z
6
value 0.00709
scoring_system epss
scoring_elements 0.7222
published_at 2026-04-12T12:55:00Z
7
value 0.00709
scoring_system epss
scoring_elements 0.72206
published_at 2026-04-13T12:55:00Z
8
value 0.00709
scoring_system epss
scoring_elements 0.72161
published_at 2026-04-01T12:55:00Z
9
value 0.00709
scoring_system epss
scoring_elements 0.72166
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9895
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1312272
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1312272
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://www.debian.org/security/2017/dsa-3757
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3757
17
reference_url https://www.mozilla.org/security/advisories/mfsa2016-94/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-94/
18
reference_url https://www.mozilla.org/security/advisories/mfsa2016-95/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-95/
19
reference_url https://www.mozilla.org/security/advisories/mfsa2016-96/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-96/
20
reference_url http://www.securityfocus.com/bid/94885
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94885
21
reference_url http://www.securitytracker.com/id/1037461
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037461
22
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1404086
reference_id 1404086
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1404086
23
reference_url https://security.archlinux.org/ASA-201612-15
reference_id ASA-201612-15
reference_type
scores
url https://security.archlinux.org/ASA-201612-15
24
reference_url https://security.archlinux.org/AVG-106
reference_id AVG-106
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-106
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9895
reference_id CVE-2016-9895
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2016-9895
46
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
47
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
reference_id mfsa2016-94
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
48
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
reference_id mfsa2016-95
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
49
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
reference_id mfsa2016-96
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
50
reference_url https://access.redhat.com/errata/RHSA-2016:2946
reference_id RHSA-2016:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2946
51
reference_url https://access.redhat.com/errata/RHSA-2016:2973
reference_id RHSA-2016:2973
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2973
52
reference_url https://usn.ubuntu.com/3155-1/
reference_id USN-3155-1
reference_type
scores
url https://usn.ubuntu.com/3155-1/
53
reference_url https://usn.ubuntu.com/3165-1/
reference_id USN-3165-1
reference_type
scores
url https://usn.ubuntu.com/3165-1/
fixed_packages
0
url pkg:apk/alpine/firefox-esr@45.6.0?arch=x86&distroversion=v3.4&reponame=community
purl pkg:apk/alpine/firefox-esr@45.6.0?arch=x86&distroversion=v3.4&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@45.6.0%3Farch=x86&distroversion=v3.4&reponame=community
aliases CVE-2016-9895
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5dyh-s3yd-vqes
5
url VCID-fgnu-kh7z-xuau
vulnerability_id VCID-fgnu-kh7z-xuau
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2946.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2946.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-2973.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2973.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9902.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9902.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9902
reference_id
reference_type
scores
0
value 0.00411
scoring_system epss
scoring_elements 0.61425
published_at 2026-04-16T12:55:00Z
1
value 0.00411
scoring_system epss
scoring_elements 0.61338
published_at 2026-04-07T12:55:00Z
2
value 0.00411
scoring_system epss
scoring_elements 0.61384
published_at 2026-04-08T12:55:00Z
3
value 0.00411
scoring_system epss
scoring_elements 0.614
published_at 2026-04-09T12:55:00Z
4
value 0.00411
scoring_system epss
scoring_elements 0.61421
published_at 2026-04-11T12:55:00Z
5
value 0.00411
scoring_system epss
scoring_elements 0.61406
published_at 2026-04-12T12:55:00Z
6
value 0.00411
scoring_system epss
scoring_elements 0.61387
published_at 2026-04-13T12:55:00Z
7
value 0.00411
scoring_system epss
scoring_elements 0.61259
published_at 2026-04-01T12:55:00Z
8
value 0.00411
scoring_system epss
scoring_elements 0.61339
published_at 2026-04-02T12:55:00Z
9
value 0.00411
scoring_system epss
scoring_elements 0.61368
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9902
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1320039
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1320039
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://www.mozilla.org/security/advisories/mfsa2016-94/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-94/
17
reference_url https://www.mozilla.org/security/advisories/mfsa2016-95/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-95/
18
reference_url http://www.securityfocus.com/bid/94885
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94885
19
reference_url http://www.securitytracker.com/id/1037461
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037461
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1404359
reference_id 1404359
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1404359
21
reference_url https://security.archlinux.org/ASA-201612-15
reference_id ASA-201612-15
reference_type
scores
url https://security.archlinux.org/ASA-201612-15
22
reference_url https://security.archlinux.org/AVG-106
reference_id AVG-106
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-106
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9902
reference_id CVE-2016-9902
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2016-9902
39
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
40
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
reference_id mfsa2016-94
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
41
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
reference_id mfsa2016-95
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
42
reference_url https://access.redhat.com/errata/RHSA-2016:2946
reference_id RHSA-2016:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2946
43
reference_url https://access.redhat.com/errata/RHSA-2016:2973
reference_id RHSA-2016:2973
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2973
44
reference_url https://usn.ubuntu.com/3155-1/
reference_id USN-3155-1
reference_type
scores
url https://usn.ubuntu.com/3155-1/
fixed_packages
0
url pkg:apk/alpine/firefox-esr@45.6.0?arch=x86&distroversion=v3.4&reponame=community
purl pkg:apk/alpine/firefox-esr@45.6.0?arch=x86&distroversion=v3.4&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@45.6.0%3Farch=x86&distroversion=v3.4&reponame=community
aliases CVE-2016-9902
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fgnu-kh7z-xuau
6
url VCID-pbrt-gcqj-kycv
vulnerability_id VCID-pbrt-gcqj-kycv
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2946.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2946.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-2973.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2973.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9900.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9900.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9900
reference_id
reference_type
scores
0
value 0.01011
scoring_system epss
scoring_elements 0.77149
published_at 2026-04-16T12:55:00Z
1
value 0.01011
scoring_system epss
scoring_elements 0.77083
published_at 2026-04-04T12:55:00Z
2
value 0.01011
scoring_system epss
scoring_elements 0.77065
published_at 2026-04-07T12:55:00Z
3
value 0.01011
scoring_system epss
scoring_elements 0.77097
published_at 2026-04-08T12:55:00Z
4
value 0.01011
scoring_system epss
scoring_elements 0.77107
published_at 2026-04-09T12:55:00Z
5
value 0.01011
scoring_system epss
scoring_elements 0.77135
published_at 2026-04-11T12:55:00Z
6
value 0.01011
scoring_system epss
scoring_elements 0.77114
published_at 2026-04-12T12:55:00Z
7
value 0.01011
scoring_system epss
scoring_elements 0.77109
published_at 2026-04-13T12:55:00Z
8
value 0.01011
scoring_system epss
scoring_elements 0.77049
published_at 2026-04-01T12:55:00Z
9
value 0.01011
scoring_system epss
scoring_elements 0.77055
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9900
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1319122
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1319122
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://www.debian.org/security/2017/dsa-3757
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3757
17
reference_url https://www.mozilla.org/security/advisories/mfsa2016-94/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-94/
18
reference_url https://www.mozilla.org/security/advisories/mfsa2016-95/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-95/
19
reference_url https://www.mozilla.org/security/advisories/mfsa2016-96/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-96/
20
reference_url http://www.securityfocus.com/bid/94885
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94885
21
reference_url http://www.securitytracker.com/id/1037461
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037461
22
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1404090
reference_id 1404090
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1404090
23
reference_url https://security.archlinux.org/ASA-201612-15
reference_id ASA-201612-15
reference_type
scores
url https://security.archlinux.org/ASA-201612-15
24
reference_url https://security.archlinux.org/AVG-106
reference_id AVG-106
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-106
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9900
reference_id CVE-2016-9900
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2016-9900
46
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
47
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
reference_id mfsa2016-94
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
48
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
reference_id mfsa2016-95
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
49
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
reference_id mfsa2016-96
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
50
reference_url https://access.redhat.com/errata/RHSA-2016:2946
reference_id RHSA-2016:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2946
51
reference_url https://access.redhat.com/errata/RHSA-2016:2973
reference_id RHSA-2016:2973
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2973
52
reference_url https://usn.ubuntu.com/3155-1/
reference_id USN-3155-1
reference_type
scores
url https://usn.ubuntu.com/3155-1/
53
reference_url https://usn.ubuntu.com/3165-1/
reference_id USN-3165-1
reference_type
scores
url https://usn.ubuntu.com/3165-1/
fixed_packages
0
url pkg:apk/alpine/firefox-esr@45.6.0?arch=x86&distroversion=v3.4&reponame=community
purl pkg:apk/alpine/firefox-esr@45.6.0?arch=x86&distroversion=v3.4&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@45.6.0%3Farch=x86&distroversion=v3.4&reponame=community
aliases CVE-2016-9900
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pbrt-gcqj-kycv
7
url VCID-q4x5-dz5r-jqgr
vulnerability_id VCID-q4x5-dz5r-jqgr
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2946.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2946.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-2973.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2973.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9905.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9905.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9905
reference_id
reference_type
scores
0
value 0.01174
scoring_system epss
scoring_elements 0.78719
published_at 2026-04-16T12:55:00Z
1
value 0.01174
scoring_system epss
scoring_elements 0.78685
published_at 2026-04-08T12:55:00Z
2
value 0.01174
scoring_system epss
scoring_elements 0.78692
published_at 2026-04-09T12:55:00Z
3
value 0.01174
scoring_system epss
scoring_elements 0.78716
published_at 2026-04-11T12:55:00Z
4
value 0.01174
scoring_system epss
scoring_elements 0.78698
published_at 2026-04-12T12:55:00Z
5
value 0.01174
scoring_system epss
scoring_elements 0.7869
published_at 2026-04-13T12:55:00Z
6
value 0.01174
scoring_system epss
scoring_elements 0.78642
published_at 2026-04-01T12:55:00Z
7
value 0.01174
scoring_system epss
scoring_elements 0.78648
published_at 2026-04-02T12:55:00Z
8
value 0.01174
scoring_system epss
scoring_elements 0.78679
published_at 2026-04-04T12:55:00Z
9
value 0.01174
scoring_system epss
scoring_elements 0.78659
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9905
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1293985
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1293985
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://www.debian.org/security/2017/dsa-3757
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3757
17
reference_url https://www.mozilla.org/security/advisories/mfsa2016-95/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-95/
18
reference_url https://www.mozilla.org/security/advisories/mfsa2016-96/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-96/
19
reference_url http://www.securityfocus.com/bid/94884
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94884
20
reference_url http://www.securitytracker.com/id/1037462
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037462
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1404094
reference_id 1404094
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1404094
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9905
reference_id CVE-2016-9905
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-9905
35
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
36
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
reference_id mfsa2016-95
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
37
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
reference_id mfsa2016-96
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
38
reference_url https://access.redhat.com/errata/RHSA-2016:2946
reference_id RHSA-2016:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2946
39
reference_url https://access.redhat.com/errata/RHSA-2016:2973
reference_id RHSA-2016:2973
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2973
40
reference_url https://usn.ubuntu.com/3165-1/
reference_id USN-3165-1
reference_type
scores
url https://usn.ubuntu.com/3165-1/
fixed_packages
0
url pkg:apk/alpine/firefox-esr@45.6.0?arch=x86&distroversion=v3.4&reponame=community
purl pkg:apk/alpine/firefox-esr@45.6.0?arch=x86&distroversion=v3.4&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@45.6.0%3Farch=x86&distroversion=v3.4&reponame=community
aliases CVE-2016-9905
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q4x5-dz5r-jqgr
8
url VCID-qu91-vc1p-dyb1
vulnerability_id VCID-qu91-vc1p-dyb1
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2946.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2946.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-2973.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2973.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9899.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9899.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9899
reference_id
reference_type
scores
0
value 0.36421
scoring_system epss
scoring_elements 0.97126
published_at 2026-04-16T12:55:00Z
1
value 0.36421
scoring_system epss
scoring_elements 0.97118
published_at 2026-04-13T12:55:00Z
2
value 0.36421
scoring_system epss
scoring_elements 0.97089
published_at 2026-04-01T12:55:00Z
3
value 0.36421
scoring_system epss
scoring_elements 0.97117
published_at 2026-04-12T12:55:00Z
4
value 0.36421
scoring_system epss
scoring_elements 0.97116
published_at 2026-04-11T12:55:00Z
5
value 0.36421
scoring_system epss
scoring_elements 0.97112
published_at 2026-04-09T12:55:00Z
6
value 0.36421
scoring_system epss
scoring_elements 0.97102
published_at 2026-04-07T12:55:00Z
7
value 0.36421
scoring_system epss
scoring_elements 0.97101
published_at 2026-04-04T12:55:00Z
8
value 0.36421
scoring_system epss
scoring_elements 0.97096
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9899
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1317409
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1317409
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://www.debian.org/security/2017/dsa-3757
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3757
17
reference_url https://www.exploit-db.com/exploits/41042/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/41042/
18
reference_url https://www.mozilla.org/security/advisories/mfsa2016-94/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-94/
19
reference_url https://www.mozilla.org/security/advisories/mfsa2016-95/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-95/
20
reference_url https://www.mozilla.org/security/advisories/mfsa2016-96/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-96/
21
reference_url http://www.securityfocus.com/bid/94885
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94885
22
reference_url http://www.securitytracker.com/id/1037461
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037461
23
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1404083
reference_id 1404083
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1404083
24
reference_url https://security.archlinux.org/ASA-201612-15
reference_id ASA-201612-15
reference_type
scores
url https://security.archlinux.org/ASA-201612-15
25
reference_url https://security.archlinux.org/AVG-106
reference_id AVG-106
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-106
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
46
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/41042.html
reference_id CVE-2016-9899
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/41042.html
47
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9899
reference_id CVE-2016-9899
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-9899
48
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
49
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
reference_id mfsa2016-94
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
50
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
reference_id mfsa2016-95
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
51
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
reference_id mfsa2016-96
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
52
reference_url https://access.redhat.com/errata/RHSA-2016:2946
reference_id RHSA-2016:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2946
53
reference_url https://access.redhat.com/errata/RHSA-2016:2973
reference_id RHSA-2016:2973
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2973
54
reference_url https://usn.ubuntu.com/3155-1/
reference_id USN-3155-1
reference_type
scores
url https://usn.ubuntu.com/3155-1/
55
reference_url https://usn.ubuntu.com/3165-1/
reference_id USN-3165-1
reference_type
scores
url https://usn.ubuntu.com/3165-1/
fixed_packages
0
url pkg:apk/alpine/firefox-esr@45.6.0?arch=x86&distroversion=v3.4&reponame=community
purl pkg:apk/alpine/firefox-esr@45.6.0?arch=x86&distroversion=v3.4&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@45.6.0%3Farch=x86&distroversion=v3.4&reponame=community
aliases CVE-2016-9899
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qu91-vc1p-dyb1
9
url VCID-ysg5-wc3n-fbgw
vulnerability_id VCID-ysg5-wc3n-fbgw
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2946.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2946.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-2973.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2973.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9893.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9893.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9893
reference_id
reference_type
scores
0
value 0.02683
scoring_system epss
scoring_elements 0.85868
published_at 2026-04-16T12:55:00Z
1
value 0.02683
scoring_system epss
scoring_elements 0.85807
published_at 2026-04-04T12:55:00Z
2
value 0.02683
scoring_system epss
scoring_elements 0.85813
published_at 2026-04-07T12:55:00Z
3
value 0.02683
scoring_system epss
scoring_elements 0.85831
published_at 2026-04-08T12:55:00Z
4
value 0.02683
scoring_system epss
scoring_elements 0.85842
published_at 2026-04-09T12:55:00Z
5
value 0.02683
scoring_system epss
scoring_elements 0.85856
published_at 2026-04-11T12:55:00Z
6
value 0.02683
scoring_system epss
scoring_elements 0.85853
published_at 2026-04-12T12:55:00Z
7
value 0.02683
scoring_system epss
scoring_elements 0.85849
published_at 2026-04-13T12:55:00Z
8
value 0.02683
scoring_system epss
scoring_elements 0.85776
published_at 2026-04-01T12:55:00Z
9
value 0.02683
scoring_system epss
scoring_elements 0.85789
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9893
4
reference_url https://bugzilla.mozilla.org/buglist.cgi?bug_id=1319524%2C1298773%2C1299098%2C1309834%2C1312609%2C1313212%2C1317805%2C1312548%2C1315631%2C1287912
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/buglist.cgi?bug_id=1319524%2C1298773%2C1299098%2C1309834%2C1312609%2C1313212%2C1317805%2C1312548%2C1315631%2C1287912
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://www.debian.org/security/2017/dsa-3757
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3757
17
reference_url https://www.mozilla.org/security/advisories/mfsa2016-94/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-94/
18
reference_url https://www.mozilla.org/security/advisories/mfsa2016-95/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-95/
19
reference_url https://www.mozilla.org/security/advisories/mfsa2016-96/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-96/
20
reference_url http://www.securityfocus.com/bid/94885
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94885
21
reference_url http://www.securitytracker.com/id/1037461
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037461
22
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1404096
reference_id 1404096
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1404096
23
reference_url https://security.archlinux.org/ASA-201612-15
reference_id ASA-201612-15
reference_type
scores
url https://security.archlinux.org/ASA-201612-15
24
reference_url https://security.archlinux.org/AVG-106
reference_id AVG-106
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-106
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9893
reference_id CVE-2016-9893
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-9893
46
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
47
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
reference_id mfsa2016-94
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-94
48
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
reference_id mfsa2016-95
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
49
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
reference_id mfsa2016-96
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
50
reference_url https://access.redhat.com/errata/RHSA-2016:2946
reference_id RHSA-2016:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2946
51
reference_url https://access.redhat.com/errata/RHSA-2016:2973
reference_id RHSA-2016:2973
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2973
52
reference_url https://usn.ubuntu.com/3155-1/
reference_id USN-3155-1
reference_type
scores
url https://usn.ubuntu.com/3155-1/
53
reference_url https://usn.ubuntu.com/3165-1/
reference_id USN-3165-1
reference_type
scores
url https://usn.ubuntu.com/3165-1/
fixed_packages
0
url pkg:apk/alpine/firefox-esr@45.6.0?arch=x86&distroversion=v3.4&reponame=community
purl pkg:apk/alpine/firefox-esr@45.6.0?arch=x86&distroversion=v3.4&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@45.6.0%3Farch=x86&distroversion=v3.4&reponame=community
aliases CVE-2016-9893
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ysg5-wc3n-fbgw
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@45.6.0%3Farch=x86&distroversion=v3.4&reponame=community