Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/86484?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/86484?format=api", "purl": "pkg:mozilla/Firefox@47.0.0", "type": "mozilla", "namespace": "", "name": "Firefox", "version": "47.0.0", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "48.0.0", "latest_non_vulnerable_version": "150.0.0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63472?format=api", "vulnerability_id": "VCID-2w58-mdmk-guh8", "summary": "Mozilla has updated the version of Network Security Services\n(NSS) library used in Firefox to NSS 3.23. This addresses four moderate rated\nnetworking security issues reported by Mozilla engineers Tyson Smith and\nJed Davis.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2779.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2779.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2834.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2834.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2834", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60676", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60515", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60663", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60642", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60685", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60691", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.6059", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60619", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60589", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60638", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60653", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60678", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2834" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1206283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1206283" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1221620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1221620" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1241034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1241034" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1241037", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1241037" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950" }, { "reference_url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.23_release_notes", "reference_id": "", "reference_type": "", "scores": [], "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.23_release_notes" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3688", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3688" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-61.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-61.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "reference_url": "http://www.securityfocus.com/bid/91072", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/91072" }, { "reference_url": "http://www.securitytracker.com/id/1036057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036057" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2993-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2993-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-3029-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-3029-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1347908", "reference_id": "1347908", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1347908" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2834", "reference_id": "CVE-2016-2834", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2834" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2834", "reference_id": "CVE-2016-2834", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2834" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-61", "reference_id": "mfsa2016-61", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-61" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2779", "reference_id": "RHSA-2016:2779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2779" }, { "reference_url": "https://usn.ubuntu.com/2993-1/", "reference_id": "USN-2993-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2993-1/" }, { "reference_url": "https://usn.ubuntu.com/3029-1/", "reference_id": "USN-3029-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3029-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86484?format=api", "purl": "pkg:mozilla/Firefox@47.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@47.0.0" } ], "aliases": [ "CVE-2016-2834" ], "risk_score": 4.2, "exploitability": "0.5", "weighted_severity": "8.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2w58-mdmk-guh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63486?format=api", "vulnerability_id": "VCID-4gwx-75uj-tyep", "summary": "Mozilla community member jomo reported a use-after-free crash when\nprocessing WebGL content. This issue was caused by the use of a texture after its recycle\npool has been destroyed during WebGL operations, which frees the memory associated with\nthe texture. This results in a potentially exploitable crash when the texture is later\ncalled.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2828.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2828.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2828", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02095", "scoring_system": "epss", "scoring_elements": "0.84091", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02095", "scoring_system": "epss", "scoring_elements": "0.83971", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02095", "scoring_system": "epss", "scoring_elements": "0.84039", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02095", "scoring_system": "epss", "scoring_elements": "0.84062", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02095", "scoring_system": "epss", "scoring_elements": "0.84064", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02095", "scoring_system": "epss", "scoring_elements": "0.84066", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02095", "scoring_system": "epss", "scoring_elements": "0.83986", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02095", "scoring_system": "epss", "scoring_elements": "0.84001", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02095", "scoring_system": "epss", "scoring_elements": "0.84004", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02095", "scoring_system": "epss", "scoring_elements": "0.84027", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02095", "scoring_system": "epss", "scoring_elements": "0.84033", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02095", "scoring_system": "epss", "scoring_elements": "0.8405", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02095", "scoring_system": "epss", "scoring_elements": "0.84044", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2828" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1223810", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1223810" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3600", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3600" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-56.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-56.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.securityfocus.com/bid/91075", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/91075" }, { "reference_url": "http://www.securitytracker.com/id/1036057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036057" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2993-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2993-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342895", "reference_id": "1342895", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342895" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2828", "reference_id": "CVE-2016-2828", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2828" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2828", "reference_id": "CVE-2016-2828", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2828" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-56", "reference_id": "mfsa2016-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-56" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1217", "reference_id": "RHSA-2016:1217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1217" }, { "reference_url": "https://usn.ubuntu.com/2993-1/", "reference_id": "USN-2993-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2993-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86484?format=api", "purl": "pkg:mozilla/Firefox@47.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@47.0.0" } ], "aliases": [ "CVE-2016-2828" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4gwx-75uj-tyep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63498?format=api", "vulnerability_id": "VCID-bd3j-r1wt-dyf4", "summary": "Security researcher sushi Anton Larsson reported that when paired\nfullscreen and pointerlock requests are done in combination with closing windows, a\npointerlock can be created within a fullscreen window without user permission. This\npointerlock cannot then be cancelled without terminating the browser, resulting in a\npersistent denial of service attack. This can also be used for spoofing and clickjacking\nattacks against the browser UI.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2831.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2831.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2831", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00668", "scoring_system": "epss", "scoring_elements": "0.71363", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00668", "scoring_system": "epss", "scoring_elements": "0.7123", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00668", "scoring_system": "epss", "scoring_elements": "0.71293", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00668", "scoring_system": "epss", "scoring_elements": "0.71278", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00668", "scoring_system": "epss", "scoring_elements": "0.71324", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00668", "scoring_system": "epss", "scoring_elements": "0.7133", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00668", "scoring_system": "epss", "scoring_elements": "0.71238", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00668", "scoring_system": "epss", "scoring_elements": "0.71256", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00668", "scoring_system": "epss", "scoring_elements": "0.71231", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00668", "scoring_system": "epss", "scoring_elements": "0.71272", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00668", "scoring_system": "epss", "scoring_elements": "0.71286", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00668", "scoring_system": "epss", "scoring_elements": "0.71309", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2831" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1261933", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1261933" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3600", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3600" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-58.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-58.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.securityfocus.com/bid/91075", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/91075" }, { "reference_url": "http://www.securitytracker.com/id/1036057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036057" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2993-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2993-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342898", "reference_id": "1342898", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342898" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2831", "reference_id": "CVE-2016-2831", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2831" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2831", "reference_id": "CVE-2016-2831", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2831" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-58", "reference_id": "mfsa2016-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-58" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1217", "reference_id": "RHSA-2016:1217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1217" }, { "reference_url": "https://usn.ubuntu.com/2993-1/", "reference_id": "USN-2993-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2993-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86484?format=api", "purl": "pkg:mozilla/Firefox@47.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@47.0.0" } ], "aliases": [ "CVE-2016-2831" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bd3j-r1wt-dyf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63481?format=api", "vulnerability_id": "VCID-bp6q-cu6s-2ke7", "summary": "Mozilla developers and community members reported several memory safety bugs in the\nbrowser engine used in Firefox and other Mozilla-based products. Some of these bugs showed\nevidence of memory corruption under certain circumstances, and we presume that with enough\neffort at least some of these could be exploited to run arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2818.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2818.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2818", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60651", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60504", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60631", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60673", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60679", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60665", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60579", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60609", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60578", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60627", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60642", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60666", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.60652", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2818" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1234147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1234147" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1256493", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1256493" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1256739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1256739" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1256968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1256968" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1261230", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1261230" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1261752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1261752" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1263384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1263384" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1264575", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1264575" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1265577", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1265577" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1267130", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1267130" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1269729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1269729" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1273202", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1273202" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1273701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1273701" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3600", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3600" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3647", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3647" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-49.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-49.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" }, { "reference_url": "http://www.securityfocus.com/bid/91075", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/91075" }, { "reference_url": "http://www.securitytracker.com/id/1036057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036057" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2993-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2993-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-3023-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-3023-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342887", "reference_id": "1342887", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342887" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2818", "reference_id": "CVE-2016-2818", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2818" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2818", "reference_id": "CVE-2016-2818", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2818" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-49", "reference_id": "mfsa2016-49", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-49" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1217", "reference_id": "RHSA-2016:1217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1217" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1392", "reference_id": "RHSA-2016:1392", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1392" }, { "reference_url": "https://usn.ubuntu.com/2993-1/", "reference_id": "USN-2993-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2993-1/" }, { "reference_url": "https://usn.ubuntu.com/3023-1/", "reference_id": "USN-3023-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3023-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86484?format=api", "purl": "pkg:mozilla/Firefox@47.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@47.0.0" } ], "aliases": [ "CVE-2016-2818" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bp6q-cu6s-2ke7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63497?format=api", "vulnerability_id": "VCID-c6jc-3917-x7dx", "summary": "Security researcher Tim McCormack reported that when a page requests a\nseries of permissions in a short timespan, the resulting permission notifications can show\nthe icon for the wrong permission request. This can lead to user confusion and inadvertent\nconsent given when a user is prompted by web content to give permissions, such as for\ngeolocation or microphone access.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2829.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2829.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2829", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.588", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58704", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58826", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58844", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58807", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58839", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58778", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58799", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58768", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.5882", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2829" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1248329", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1248329" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-57.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-57.html" }, { "reference_url": "http://www.securitytracker.com/id/1036057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036057" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2993-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2993-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342896", "reference_id": "1342896", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342896" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2829", "reference_id": "CVE-2016-2829", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2829" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2829", "reference_id": "CVE-2016-2829", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2829" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-57", "reference_id": "mfsa2016-57", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-57" }, { "reference_url": "https://usn.ubuntu.com/2993-1/", "reference_id": "USN-2993-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2993-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86484?format=api", "purl": "pkg:mozilla/Firefox@47.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@47.0.0" } ], "aliases": [ "CVE-2016-2829" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c6jc-3917-x7dx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63492?format=api", "vulnerability_id": "VCID-ev18-anej-zbap", "summary": "Security researcher Jordi Chancel reported a method to spoof the\ncontents of the addressbar. This uses a persistent menu within a\n<select> element, which acts as a container for HTML content and can be\nplaced in an arbitrary location. When placed over the addressbar, this can mask the true\nsite URL, allowing for spoofing by a malicious site.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2822.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2822.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2822", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.72005", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71891", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71946", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.7197", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71974", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.7196", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71899", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71918", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.7189", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71928", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71939", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71963", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2822" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1273129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1273129" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3600", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3600" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-52.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-52.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.securityfocus.com/bid/91075", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/91075" }, { "reference_url": "http://www.securitytracker.com/id/1036057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036057" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2993-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2993-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342893", "reference_id": "1342893", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342893" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2822", "reference_id": "CVE-2016-2822", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2822" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2822", "reference_id": "CVE-2016-2822", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2822" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-52", "reference_id": "mfsa2016-52", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-52" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1217", "reference_id": "RHSA-2016:1217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1217" }, { "reference_url": "https://usn.ubuntu.com/2993-1/", "reference_id": "USN-2993-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2993-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86484?format=api", "purl": "pkg:mozilla/Firefox@47.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@47.0.0" } ], "aliases": [ "CVE-2016-2822" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ev18-anej-zbap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63496?format=api", "vulnerability_id": "VCID-k813-qahc-ubf4", "summary": "Security researcher Aral reported an out-of-bounds write when using\nthe ANGLE graphics library, which is used for WebGL content on Windows systems. This crash\noccurs due to improper size checking while writing to an array during some WebGL shader\noperations.\nThe ANGLE graphics library is only used on Windows. Linux, OS X, and\nAndroid operating systems are not affected by this vulnerability.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2824", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00696", "scoring_system": "epss", "scoring_elements": "0.71987", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00696", "scoring_system": "epss", "scoring_elements": "0.71874", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00696", "scoring_system": "epss", "scoring_elements": "0.71928", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00696", "scoring_system": "epss", "scoring_elements": "0.71953", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00696", "scoring_system": "epss", "scoring_elements": "0.71957", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00696", "scoring_system": "epss", "scoring_elements": "0.71942", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00696", "scoring_system": "epss", "scoring_elements": "0.71881", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00696", "scoring_system": "epss", "scoring_elements": "0.719", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00696", "scoring_system": "epss", "scoring_elements": "0.71872", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00696", "scoring_system": "epss", "scoring_elements": "0.71911", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00696", "scoring_system": "epss", "scoring_elements": "0.71922", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00696", "scoring_system": "epss", "scoring_elements": "0.71945", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2824" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1248580", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1248580" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-53.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-53.html" }, { "reference_url": "http://www.securityfocus.com/bid/91075", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/91075" }, { "reference_url": "http://www.securitytracker.com/id/1036057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036057" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2824", "reference_id": "CVE-2016-2824", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2824" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2824", "reference_id": "CVE-2016-2824", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2824" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-53", "reference_id": "mfsa2016-53", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-53" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86484?format=api", "purl": "pkg:mozilla/Firefox@47.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@47.0.0" } ], "aliases": [ "CVE-2016-2824" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k813-qahc-ubf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63477?format=api", "vulnerability_id": "VCID-kvkh-dxw4-rfde", "summary": "Security researcher firehack reported a buffer overflow when parsing\nHTML5 fragments in a foreign context such as under an <svg> node. This\nresults in a potentially exploitable crash when inserting an HTML fragment into an\nexisting document.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2819.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2819.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2819", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.65031", "scoring_system": "epss", "scoring_elements": "0.98486", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.65031", "scoring_system": "epss", "scoring_elements": "0.98462", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.65031", "scoring_system": "epss", "scoring_elements": "0.98476", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.65031", "scoring_system": "epss", "scoring_elements": "0.98475", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.65031", "scoring_system": "epss", "scoring_elements": "0.98481", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.65031", "scoring_system": "epss", "scoring_elements": "0.98482", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.65031", "scoring_system": "epss", "scoring_elements": "0.98464", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.65031", "scoring_system": "epss", "scoring_elements": "0.98466", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.65031", "scoring_system": "epss", "scoring_elements": "0.98468", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.65031", "scoring_system": "epss", "scoring_elements": "0.98472", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.65031", "scoring_system": "epss", "scoring_elements": "0.98473", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2819" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1270381", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1270381" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.exploit-db.com/exploits/44293/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/44293/" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3600", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3600" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-50.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-50.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.securityfocus.com/bid/91075", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/91075" }, { "reference_url": "http://www.securitytracker.com/id/1036057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036057" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2993-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2993-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342891", "reference_id": "1342891", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342891" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2819", "reference_id": "CVE-2016-2819", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2819" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2819", "reference_id": "CVE-2016-2819", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2819" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/44293.html", "reference_id": "CVE-2017-5375;CVE-2016-2819", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/44293.html" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-50", "reference_id": "mfsa2016-50", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-50" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1217", "reference_id": "RHSA-2016:1217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1217" }, { "reference_url": "https://usn.ubuntu.com/2993-1/", "reference_id": "USN-2993-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2993-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86484?format=api", "purl": "pkg:mozilla/Firefox@47.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@47.0.0" } ], "aliases": [ "CVE-2016-2819" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kvkh-dxw4-rfde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63487?format=api", "vulnerability_id": "VCID-qa9c-xyvd-kygu", "summary": "Mozilla developer John Schoenick reported that CSS pseudo-classes can\nbe used by web content to leak information on plugins that are installed but disabled.\nThis can be used for information disclosure through a fingerprinting attack that lists all\nof the plugins installed by a user on a system, even when they are disabled.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2832.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2832.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2832", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62285", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62126", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62238", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62283", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.6229", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62275", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62187", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62218", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62185", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62235", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62252", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.6227", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.6226", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2832" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1025267", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1025267" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-59.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-59.html" }, { "reference_url": "http://www.securitytracker.com/id/1036057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036057" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2993-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2993-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342899", "reference_id": "1342899", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342899" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2832", "reference_id": "CVE-2016-2832", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2832" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2832", "reference_id": "CVE-2016-2832", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2832" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-59", "reference_id": "mfsa2016-59", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-59" }, { "reference_url": "https://usn.ubuntu.com/2993-1/", "reference_id": "USN-2993-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2993-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86484?format=api", "purl": "pkg:mozilla/Firefox@47.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@47.0.0" } ], "aliases": [ "CVE-2016-2832" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qa9c-xyvd-kygu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63475?format=api", "vulnerability_id": "VCID-qu9b-rst3-v7fa", "summary": "Security researcher Frédéric Hoguin reported a mechanism where the\nMozilla Windows updater could be used to overwrite arbitrary files. He found that files\nextracted by the updater from a MAR archive are not locked for writing and\ncan be overwritten by other processes while the updater is running. A malicious local\nprogram could invoke the updater and then interfere with the extracted files, replacing\nthem with its own. This vulnerability could be used for privilege escalation if these\noverwritten files were later invoked by other Windows components that had higher\nprivileges. \nThis issue does not affect non-Windows operating systems.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2826", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16512", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16589", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16631", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16568", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16576", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16615", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16769", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16826", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16612", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16697", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16751", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16731", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16688", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2826" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1237219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1237219" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:S/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-55.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-55.html" }, { "reference_url": "http://www.securityfocus.com/bid/91075", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/91075" }, { "reference_url": "http://www.securitytracker.com/id/1036057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036057" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2826", "reference_id": "CVE-2016-2826", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2826" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2826", "reference_id": "CVE-2016-2826", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:C/I:C/A:C" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2826" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-55", "reference_id": "mfsa2016-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-55" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86484?format=api", "purl": "pkg:mozilla/Firefox@47.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@47.0.0" } ], "aliases": [ "CVE-2016-2826" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qu9b-rst3-v7fa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63499?format=api", "vulnerability_id": "VCID-qzrz-4abn-q7f2", "summary": "Security researcher Armin Ebert reported that the\nlocation.host property can be set to an arbitrary string after creating an\ninvalid data: URI. This allows for a bypass of some same-origin policy\nprotections. This issue is mitigated by the data: URI in use and any\nsame-origin checks for http: or https: are still enforced\ncorrectly. As a result cookie stealing and other common same-origin bypass attacks are not\npossible.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2825.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2825.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2825", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.66933", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.66805", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.66878", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.66911", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.66926", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.66908", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.66843", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.66869", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.66841", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.6689", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.66904", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.66924", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.6691", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2825" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1193093", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1193093" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-54.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-54.html" }, { "reference_url": "http://www.securitytracker.com/id/1036057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036057" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2993-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2993-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342894", "reference_id": "1342894", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342894" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2825", "reference_id": "CVE-2016-2825", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2825" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2825", "reference_id": "CVE-2016-2825", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2825" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-54", "reference_id": "mfsa2016-54", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-54" }, { "reference_url": "https://usn.ubuntu.com/2993-1/", "reference_id": "USN-2993-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2993-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86484?format=api", "purl": "pkg:mozilla/Firefox@47.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@47.0.0" } ], "aliases": [ "CVE-2016-2825" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qzrz-4abn-q7f2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63473?format=api", "vulnerability_id": "VCID-sr99-hhmv-xkhq", "summary": "Security researcher firehack used the Address Sanitizer\ntool to discover a use-after-free in contenteditable mode. This occurs when deleting\ndocument object model (DOM) table elements created within the editor and results in a\npotentially exploitable crash.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2821.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2821.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2821", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86276", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86179", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86241", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86258", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86263", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86257", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86189", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86203", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86222", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86233", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86248", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02857", "scoring_system": "epss", "scoring_elements": "0.86245", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2821" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1271460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1271460" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3600", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3600" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-51.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-51.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "reference_url": "http://www.securityfocus.com/bid/91075", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/91075" }, { "reference_url": "http://www.securitytracker.com/id/1036057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036057" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2993-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2993-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342892", "reference_id": "1342892", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342892" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2821", "reference_id": "CVE-2016-2821", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2821" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2821", "reference_id": "CVE-2016-2821", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2821" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-51", "reference_id": "mfsa2016-51", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-51" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1217", "reference_id": "RHSA-2016:1217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1217" }, { "reference_url": "https://usn.ubuntu.com/2993-1/", "reference_id": "USN-2993-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2993-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86484?format=api", "purl": "pkg:mozilla/Firefox@47.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@47.0.0" } ], "aliases": [ "CVE-2016-2821" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sr99-hhmv-xkhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63500?format=api", "vulnerability_id": "VCID-vzwe-r2ms-m7bv", "summary": "Mozilla engineer Matt Wobensmith reported that Content Security Policy\n(CSP) does not block the loading of cross-domain Java applets when specified by policy.\nThis is because the Java applet is loaded by the Java plugin, which then mediates all\nnetwork requests without checking against CSP. This could allow a malicious site to\nmanipulate content through a Java applet to bypass CSP protections, allowing for possible\ncross-site scripting (XSS) attacks.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2833.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2833.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2833", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49417", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49363", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49411", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49413", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.4946", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49457", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49392", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49419", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49372", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49427", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49422", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.4944", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2833" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=908933", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=908933" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.mozilla.org/security/announce/2016/mfsa2016-60.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-60.html" }, { "reference_url": "http://www.securitytracker.com/id/1036057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036057" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2993-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2993-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342900", "reference_id": "1342900", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1342900" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2833", "reference_id": "CVE-2016-2833", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2833" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2833", "reference_id": "CVE-2016-2833", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2833" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-60", "reference_id": "mfsa2016-60", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-60" }, { "reference_url": "https://usn.ubuntu.com/2993-1/", "reference_id": "USN-2993-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2993-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86484?format=api", "purl": "pkg:mozilla/Firefox@47.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@47.0.0" } ], "aliases": [ "CVE-2016-2833" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vzwe-r2ms-m7bv" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@47.0.0" }