Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:mozilla/Thunderbird@38.8.0

Type mozilla

Namespace

Name Thunderbird

Version 38.8.0

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 45.0.0

Latest_non_vulnerable_version 149.0.2

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-dk4z-1j37-aucx

vulnerability_id VCID-dk4z-1j37-aucx

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0591.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0591.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0684.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0684.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0685.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0685.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1979.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1979.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1979

reference_id

reference_type

scores

value	0.00707
scoring_system	epss
scoring_elements	0.72194
published_at	2026-04-21T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72113
published_at	2026-04-01T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72159
published_at	2026-04-13T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.722
published_at	2026-04-16T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72209
published_at	2026-04-18T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72119
published_at	2026-04-02T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72139
published_at	2026-04-04T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72117
published_at	2026-04-07T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72153
published_at	2026-04-08T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72165
published_at	2026-04-09T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72188
published_at	2026-04-11T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72172
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1979

reference_url	https://bto.bluecoat.com/security-advisory/sa124
reference_id
reference_type
scores
url	https://bto.bluecoat.com/security-advisory/sa124

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1185033
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1185033

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807

reference_url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.1_release_notes
reference_id
reference_type
scores
url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.1_release_notes

reference_url	http://www.debian.org/security/2016/dsa-3576
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3576

reference_url	http://www.debian.org/security/2016/dsa-3688
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3688

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-36.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-36.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

reference_url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_url	http://www.securityfocus.com/bid/84221
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84221

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2973-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2973-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315202
reference_id	1315202
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315202

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services::::::::
reference_id	cpe:2.3:a:mozilla:network_security_services::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services::::::::

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979
reference_id	CVE-2016-1979
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1979

reference_id

CVE-2016-1979

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1979

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-36

reference_id

mfsa2016-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-36

reference_url	https://access.redhat.com/errata/RHSA-2016:0591
reference_id	RHSA-2016:0591
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0591

reference_url	https://access.redhat.com/errata/RHSA-2016:0684
reference_id	RHSA-2016:0684
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0684

reference_url	https://access.redhat.com/errata/RHSA-2016:0685
reference_id	RHSA-2016:0685
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0685

reference_url	https://usn.ubuntu.com/2973-1/
reference_id	USN-2973-1
reference_type
scores
url	https://usn.ubuntu.com/2973-1/

fixed_packages

url	pkg:mozilla/Thunderbird@38.8.0
purl	pkg:mozilla/Thunderbird@38.8.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@38.8.0

url	pkg:mozilla/Thunderbird@45.0.0
purl	pkg:mozilla/Thunderbird@45.0.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@45.0.0

aliases CVE-2016-1979

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dk4z-1j37-aucx

url VCID-va3j-erp3-3ugy

vulnerability_id VCID-va3j-erp3-3ugy

summary

Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00005.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0695.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0695.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1041.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1041.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2807.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2807.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2807

reference_id

reference_type

scores

value	0.01777
scoring_system	epss
scoring_elements	0.82724
published_at	2026-04-21T12:55:00Z

value	0.01777
scoring_system	epss
scoring_elements	0.82616
published_at	2026-04-01T12:55:00Z

value	0.01777
scoring_system	epss
scoring_elements	0.82686
published_at	2026-04-12T12:55:00Z

value	0.01777
scoring_system	epss
scoring_elements	0.82682
published_at	2026-04-13T12:55:00Z

value	0.01777
scoring_system	epss
scoring_elements	0.8272
published_at	2026-04-16T12:55:00Z

value	0.01777
scoring_system	epss
scoring_elements	0.82721
published_at	2026-04-18T12:55:00Z

value	0.01777
scoring_system	epss
scoring_elements	0.82631
published_at	2026-04-02T12:55:00Z

value	0.01777
scoring_system	epss
scoring_elements	0.82646
published_at	2026-04-04T12:55:00Z

value	0.01777
scoring_system	epss
scoring_elements	0.82642
published_at	2026-04-07T12:55:00Z

value	0.01777
scoring_system	epss
scoring_elements	0.82668
published_at	2026-04-08T12:55:00Z

value	0.01777
scoring_system	epss
scoring_elements	0.82674
published_at	2026-04-09T12:55:00Z

value	0.01777
scoring_system	epss
scoring_elements	0.82692
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2807

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1187420
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1187420

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1252707
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1252707

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1254164
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1254164

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1254622
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1254622

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1254876
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1254876

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.debian.org/security/2016/dsa-3559
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3559

reference_url	http://www.debian.org/security/2016/dsa-3576
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3576

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-39.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-39.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

reference_url	http://www.securitytracker.com/id/1035692
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035692

reference_url	http://www.ubuntu.com/usn/USN-2936-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2936-1

reference_url	http://www.ubuntu.com/usn/USN-2936-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2936-2

reference_url	http://www.ubuntu.com/usn/USN-2936-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2936-3

reference_url	http://www.ubuntu.com/usn/USN-2973-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2973-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1330271
reference_id	1330271
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1330271

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:45.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2807

reference_id

CVE-2016-2807

reference_type

scores

value	10.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2807

reference_url	https://security.gentoo.org/glsa/201701-15
reference_id	GLSA-201701-15
reference_type
scores
url	https://security.gentoo.org/glsa/201701-15

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-39

reference_id

mfsa2016-39

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-39

reference_url	https://access.redhat.com/errata/RHSA-2016:0695
reference_id	RHSA-2016:0695
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0695

reference_url	https://access.redhat.com/errata/RHSA-2016:1041
reference_id	RHSA-2016:1041
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1041

reference_url	https://usn.ubuntu.com/2936-1/
reference_id	USN-2936-1
reference_type
scores
url	https://usn.ubuntu.com/2936-1/

reference_url	https://usn.ubuntu.com/2973-1/
reference_id	USN-2973-1
reference_type
scores
url	https://usn.ubuntu.com/2973-1/

fixed_packages

url	pkg:mozilla/Thunderbird@38.8.0
purl	pkg:mozilla/Thunderbird@38.8.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@38.8.0

url	pkg:mozilla/Thunderbird@45.1.0
purl	pkg:mozilla/Thunderbird@45.1.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@45.1.0

aliases CVE-2016-2807

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-va3j-erp3-3ugy

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@38.8.0

Package Instance