Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/nss@2:3.21-1?distro=trixie

Type deb

Namespace debian

Name nss

Version 2:3.21-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2:3.23-1

Latest_non_vulnerable_version 2:3.121-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-9mux-fuyc-a7dx

vulnerability_id VCID-9mux-fuyc-a7dx

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1938.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1938.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1938

reference_id

reference_type

scores

value	0.01048
scoring_system	epss
scoring_elements	0.77552
published_at	2026-04-16T12:55:00Z

value	0.01048
scoring_system	epss
scoring_elements	0.77455
published_at	2026-04-01T12:55:00Z

value	0.01048
scoring_system	epss
scoring_elements	0.77532
published_at	2026-04-11T12:55:00Z

value	0.01048
scoring_system	epss
scoring_elements	0.77516
published_at	2026-04-12T12:55:00Z

value	0.01048
scoring_system	epss
scoring_elements	0.77513
published_at	2026-04-13T12:55:00Z

value	0.01048
scoring_system	epss
scoring_elements	0.77461
published_at	2026-04-02T12:55:00Z

value	0.01048
scoring_system	epss
scoring_elements	0.77486
published_at	2026-04-04T12:55:00Z

value	0.01048
scoring_system	epss
scoring_elements	0.77467
published_at	2026-04-07T12:55:00Z

value	0.01048
scoring_system	epss
scoring_elements	0.77497
published_at	2026-04-08T12:55:00Z

value	0.01048
scoring_system	epss
scoring_elements	0.77506
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1938

reference_url	https://blog.fuzzing-project.org/37-Mozilla-NSS-Wrong-calculation-results-in-mp_div-and-mp_exptmod.html
reference_id
reference_type
scores
url	https://blog.fuzzing-project.org/37-Mozilla-NSS-Wrong-calculation-results-in-mp_div-and-mp_exptmod.html

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1190248
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1190248

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1194947
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1194947

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notes
reference_id
reference_type
scores
url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notes

reference_url	https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_div.c
reference_id
reference_type
scores
url	https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_div.c

reference_url	https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_exptmod.c
reference_id
reference_type
scores
url	https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_exptmod.c

reference_url	https://hg.mozilla.org/projects/nss/diff/a555bf0fc23a/lib/freebl/mpi/mpi.c
reference_id
reference_type
scores
url	https://hg.mozilla.org/projects/nss/diff/a555bf0fc23a/lib/freebl/mpi/mpi.c

reference_url	http://www.debian.org/security/2016/dsa-3688
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3688

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-07.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-07.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

reference_url	http://www.securityfocus.com/bid/81955
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/81955

reference_url	http://www.securityfocus.com/bid/91787
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/91787

reference_url	http://www.securitytracker.com/id/1034825
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034825

reference_url	http://www.ubuntu.com/usn/USN-2880-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-1

reference_url	http://www.ubuntu.com/usn/USN-2880-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2880-2

reference_url	http://www.ubuntu.com/usn/USN-2903-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2903-1

reference_url	http://www.ubuntu.com/usn/USN-2903-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2903-2

reference_url	http://www.ubuntu.com/usn/USN-2973-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2973-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1305159
reference_id	1305159
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1305159

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:nss::::::::
reference_id	cpe:2.3:a:mozilla:nss::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:nss::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1938
reference_id	CVE-2016-1938
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1938

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1938

reference_id

CVE-2016-1938

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:N

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1938

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url	https://security.gentoo.org/glsa/201701-46
reference_id	GLSA-201701-46
reference_type
scores
url	https://security.gentoo.org/glsa/201701-46

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-07

reference_id

mfsa2016-07

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-07

reference_url	https://usn.ubuntu.com/2880-1/
reference_id	USN-2880-1
reference_type
scores
url	https://usn.ubuntu.com/2880-1/

reference_url	https://usn.ubuntu.com/2903-1/
reference_id	USN-2903-1
reference_type
scores
url	https://usn.ubuntu.com/2903-1/

reference_url	https://usn.ubuntu.com/2973-1/
reference_id	USN-2973-1
reference_type
scores
url	https://usn.ubuntu.com/2973-1/

fixed_packages

url	pkg:deb/debian/nss@2:3.21-1?distro=trixie
purl	pkg:deb/debian/nss@2:3.21-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.21-1%3Fdistro=trixie

url pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2tts-gwgd-zqcz

vulnerability	VCID-3nrj-5r53-37ab

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2tts-gwgd-zqcz

vulnerability	VCID-3nrj-5r53-37ab

vulnerability	VCID-gret-hn3p-5kbk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/nss@2:3.121-1?distro=trixie
purl	pkg:deb/debian/nss@2:3.121-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.121-1%3Fdistro=trixie

aliases CVE-2016-1938

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9mux-fuyc-a7dx

url VCID-dk4z-1j37-aucx

vulnerability_id VCID-dk4z-1j37-aucx

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0591.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0591.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0684.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0684.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0685.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0685.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1979.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1979.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1979

reference_id

reference_type

scores

value	0.00707
scoring_system	epss
scoring_elements	0.722
published_at	2026-04-16T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72113
published_at	2026-04-01T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72188
published_at	2026-04-11T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72172
published_at	2026-04-12T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72159
published_at	2026-04-13T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72119
published_at	2026-04-02T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72139
published_at	2026-04-04T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72117
published_at	2026-04-07T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72153
published_at	2026-04-08T12:55:00Z

value	0.00707
scoring_system	epss
scoring_elements	0.72165
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1979

reference_url	https://bto.bluecoat.com/security-advisory/sa124
reference_id
reference_type
scores
url	https://bto.bluecoat.com/security-advisory/sa124

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1185033
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1185033

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807

reference_url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.1_release_notes
reference_id
reference_type
scores
url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.1_release_notes

reference_url	http://www.debian.org/security/2016/dsa-3576
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3576

reference_url	http://www.debian.org/security/2016/dsa-3688
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3688

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-36.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-36.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

reference_url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_url	http://www.securityfocus.com/bid/84221
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84221

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	http://www.ubuntu.com/usn/USN-2973-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2973-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315202
reference_id	1315202
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315202

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services::::::::
reference_id	cpe:2.3:a:mozilla:network_security_services::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services::::::::

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979
reference_id	CVE-2016-1979
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1979

reference_id

CVE-2016-1979

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1979

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-36

reference_id

mfsa2016-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-36

reference_url	https://access.redhat.com/errata/RHSA-2016:0591
reference_id	RHSA-2016:0591
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0591

reference_url	https://access.redhat.com/errata/RHSA-2016:0684
reference_id	RHSA-2016:0684
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0684

reference_url	https://access.redhat.com/errata/RHSA-2016:0685
reference_id	RHSA-2016:0685
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0685

reference_url	https://usn.ubuntu.com/2973-1/
reference_id	USN-2973-1
reference_type
scores
url	https://usn.ubuntu.com/2973-1/

fixed_packages

url	pkg:deb/debian/nss@2:3.21-1?distro=trixie
purl	pkg:deb/debian/nss@2:3.21-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.21-1%3Fdistro=trixie

url pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2tts-gwgd-zqcz

vulnerability	VCID-3nrj-5r53-37ab

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2tts-gwgd-zqcz

vulnerability	VCID-3nrj-5r53-37ab

vulnerability	VCID-gret-hn3p-5kbk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/nss@2:3.121-1?distro=trixie
purl	pkg:deb/debian/nss@2:3.121-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.121-1%3Fdistro=trixie

aliases CVE-2016-1979

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dk4z-1j37-aucx

url VCID-qup9-qy11-fqhe

vulnerability_id VCID-qup9-qy11-fqhe

summary

Multiple vulnerabilities have been found in mbed TLS, the worst of
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html

reference_url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00139.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2015-12/msg00139.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-01/msg00005.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-01/msg00005.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-01/msg00058.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-01/msg00058.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-01/msg00059.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-01/msg00059.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00166.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00166.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0049.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0049.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0050.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0050.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0053.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0053.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0054.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0054.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0055.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0055.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0056.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0056.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7575.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7575.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-7575

reference_id

reference_type

scores

value	0.01509
scoring_system	epss
scoring_elements	0.81226
published_at	2026-04-16T12:55:00Z

value	0.01509
scoring_system	epss
scoring_elements	0.81125
published_at	2026-04-01T12:55:00Z

value	0.01509
scoring_system	epss
scoring_elements	0.8119
published_at	2026-04-09T12:55:00Z

value	0.01509
scoring_system	epss
scoring_elements	0.8121
published_at	2026-04-11T12:55:00Z

value	0.01509
scoring_system	epss
scoring_elements	0.81196
published_at	2026-04-12T12:55:00Z

value	0.01509
scoring_system	epss
scoring_elements	0.81189
published_at	2026-04-13T12:55:00Z

value	0.01509
scoring_system	epss
scoring_elements	0.81134
published_at	2026-04-02T12:55:00Z

value	0.01509
scoring_system	epss
scoring_elements	0.81157
published_at	2026-04-07T12:55:00Z

value	0.01509
scoring_system	epss
scoring_elements	0.81184
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-7575

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1158489
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1158489

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1523
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1523

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1526

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1930
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1930

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1935
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1935

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.20.2_release_notes
reference_id
reference_type
scores
url	https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.20.2_release_notes

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://security.netapp.com/advisory/ntap-20160225-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20160225-0001/

reference_url	http://www.debian.org/security/2016/dsa-3436
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3436

reference_url	http://www.debian.org/security/2016/dsa-3437
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3437

reference_url	http://www.debian.org/security/2016/dsa-3457
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3457

reference_url	http://www.debian.org/security/2016/dsa-3458
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3458

reference_url	http://www.debian.org/security/2016/dsa-3465
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3465

reference_url	http://www.debian.org/security/2016/dsa-3491
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3491

reference_url	http://www.debian.org/security/2016/dsa-3688
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3688

reference_url	http://www.mozilla.org/security/announce/2015/mfsa2015-150.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2015/mfsa2015-150.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

reference_url	http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/79684
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/79684

reference_url	http://www.securityfocus.com/bid/91787
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/91787

reference_url	http://www.securitytracker.com/id/1034541
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034541

reference_url	http://www.securitytracker.com/id/1036467
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1036467

reference_url	http://www.ubuntu.com/usn/USN-2863-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2863-1

reference_url	http://www.ubuntu.com/usn/USN-2864-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2864-1

reference_url	http://www.ubuntu.com/usn/USN-2865-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2865-1

reference_url	http://www.ubuntu.com/usn/USN-2866-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2866-1

reference_url	http://www.ubuntu.com/usn/USN-2884-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2884-1

reference_url	http://www.ubuntu.com/usn/USN-2904-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2904-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1289841
reference_id	1289841
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1289841

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:38.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services::::::::
reference_id	cpe:2.3:a:mozilla:network_security_services::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:::::::*

100

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

101

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-7575

reference_id

CVE-2015-7575

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2015-7575

102

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

103

reference_url	https://security.gentoo.org/glsa/201701-46
reference_id	GLSA-201701-46
reference_type
scores
url	https://security.gentoo.org/glsa/201701-46

104

reference_url	https://security.gentoo.org/glsa/201706-18
reference_id	GLSA-201706-18
reference_type
scores
url	https://security.gentoo.org/glsa/201706-18

105

reference_url	https://security.gentoo.org/glsa/201801-15
reference_id	GLSA-201801-15
reference_type
scores
url	https://security.gentoo.org/glsa/201801-15

106

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-150

reference_id

mfsa2015-150

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-150

107

reference_url	https://access.redhat.com/errata/RHSA-2016:0007
reference_id	RHSA-2016:0007
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0007

108

reference_url	https://access.redhat.com/errata/RHSA-2016:0008
reference_id	RHSA-2016:0008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0008

109

reference_url	https://access.redhat.com/errata/RHSA-2016:0012
reference_id	RHSA-2016:0012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0012

110

reference_url	https://access.redhat.com/errata/RHSA-2016:0049
reference_id	RHSA-2016:0049
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0049

111

reference_url	https://access.redhat.com/errata/RHSA-2016:0050
reference_id	RHSA-2016:0050
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0050

112

reference_url	https://access.redhat.com/errata/RHSA-2016:0053
reference_id	RHSA-2016:0053
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0053

113

reference_url	https://access.redhat.com/errata/RHSA-2016:0054
reference_id	RHSA-2016:0054
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0054

114

reference_url	https://access.redhat.com/errata/RHSA-2016:0055
reference_id	RHSA-2016:0055
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0055

115

reference_url	https://access.redhat.com/errata/RHSA-2016:0056
reference_id	RHSA-2016:0056
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0056

116

reference_url	https://access.redhat.com/errata/RHSA-2016:0098
reference_id	RHSA-2016:0098
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0098

117

reference_url	https://access.redhat.com/errata/RHSA-2016:0099
reference_id	RHSA-2016:0099
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0099

118

reference_url	https://access.redhat.com/errata/RHSA-2016:0100
reference_id	RHSA-2016:0100
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0100

119

reference_url	https://access.redhat.com/errata/RHSA-2016:0101
reference_id	RHSA-2016:0101
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0101

120

reference_url	https://access.redhat.com/errata/RHSA-2016:1430
reference_id	RHSA-2016:1430
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1430

121

reference_url	https://usn.ubuntu.com/2863-1/
reference_id	USN-2863-1
reference_type
scores
url	https://usn.ubuntu.com/2863-1/

122

reference_url	https://usn.ubuntu.com/2864-1/
reference_id	USN-2864-1
reference_type
scores
url	https://usn.ubuntu.com/2864-1/

123

reference_url	https://usn.ubuntu.com/2865-1/
reference_id	USN-2865-1
reference_type
scores
url	https://usn.ubuntu.com/2865-1/

124

reference_url	https://usn.ubuntu.com/2866-1/
reference_id	USN-2866-1
reference_type
scores
url	https://usn.ubuntu.com/2866-1/

125

reference_url	https://usn.ubuntu.com/2884-1/
reference_id	USN-2884-1
reference_type
scores
url	https://usn.ubuntu.com/2884-1/

126

reference_url	https://usn.ubuntu.com/2904-1/
reference_id	USN-2904-1
reference_type
scores
url	https://usn.ubuntu.com/2904-1/

fixed_packages

url	pkg:deb/debian/nss@2:3.21-1?distro=trixie
purl	pkg:deb/debian/nss@2:3.21-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.21-1%3Fdistro=trixie

url pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2tts-gwgd-zqcz

vulnerability	VCID-3nrj-5r53-37ab

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2tts-gwgd-zqcz

vulnerability	VCID-3nrj-5r53-37ab

vulnerability	VCID-gret-hn3p-5kbk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/nss@2:3.121-1?distro=trixie
purl	pkg:deb/debian/nss@2:3.121-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.121-1%3Fdistro=trixie

aliases CVE-2015-7575

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qup9-qy11-fqhe

url VCID-wut5-sqr6-mubd

vulnerability_id VCID-wut5-sqr6-mubd

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0591.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0591.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0684.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0684.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0685.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0685.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1978.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1978.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1978

reference_id

reference_type

scores

value	0.02458
scoring_system	epss
scoring_elements	0.85253
published_at	2026-04-16T12:55:00Z

value	0.02458
scoring_system	epss
scoring_elements	0.85163
published_at	2026-04-01T12:55:00Z

value	0.02458
scoring_system	epss
scoring_elements	0.85239
published_at	2026-04-11T12:55:00Z

value	0.02458
scoring_system	epss
scoring_elements	0.85236
published_at	2026-04-12T12:55:00Z

value	0.02458
scoring_system	epss
scoring_elements	0.85233
published_at	2026-04-13T12:55:00Z

value	0.02458
scoring_system	epss
scoring_elements	0.85175
published_at	2026-04-02T12:55:00Z

value	0.02458
scoring_system	epss
scoring_elements	0.85193
published_at	2026-04-04T12:55:00Z

value	0.02458
scoring_system	epss
scoring_elements	0.85194
published_at	2026-04-07T12:55:00Z

value	0.02458
scoring_system	epss
scoring_elements	0.85216
published_at	2026-04-08T12:55:00Z

value	0.02458
scoring_system	epss
scoring_elements	0.85224
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1978

reference_url	https://bto.bluecoat.com/security-advisory/sa124
reference_id
reference_type
scores
url	https://bto.bluecoat.com/security-advisory/sa124

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1209546
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1209546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950

reference_url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notes
reference_id
reference_type
scores
url	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notes

reference_url	http://www.debian.org/security/2016/dsa-3688
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3688

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-15.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-15.html

reference_url	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

reference_url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_url	http://www.securityfocus.com/bid/84275
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84275

reference_url	http://www.securityfocus.com/bid/91787
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/91787

reference_url	http://www.securitytracker.com/id/1035258
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035258

reference_url	http://www.ubuntu.com/usn/USN-2973-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2973-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315565
reference_id	1315565
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315565

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services::::::::
reference_id	cpe:2.3:a:mozilla:network_security_services::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:network_security_services::::::::

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1978
reference_id	CVE-2016-1978
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1978

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1978

reference_id

CVE-2016-1978

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1978

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-15

reference_id

mfsa2016-15

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-15

reference_url	https://access.redhat.com/errata/RHSA-2016:0591
reference_id	RHSA-2016:0591
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0591

reference_url	https://access.redhat.com/errata/RHSA-2016:0684
reference_id	RHSA-2016:0684
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0684

reference_url	https://access.redhat.com/errata/RHSA-2016:0685
reference_id	RHSA-2016:0685
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0685

reference_url	https://usn.ubuntu.com/2973-1/
reference_id	USN-2973-1
reference_type
scores
url	https://usn.ubuntu.com/2973-1/

fixed_packages

url	pkg:deb/debian/nss@2:3.21-1?distro=trixie
purl	pkg:deb/debian/nss@2:3.21-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.21-1%3Fdistro=trixie

url pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nss@2:3.61-1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2tts-gwgd-zqcz

vulnerability	VCID-3nrj-5r53-37ab

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.61-1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/nss@2:3.87.1-1%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2tts-gwgd-zqcz

vulnerability	VCID-3nrj-5r53-37ab

vulnerability	VCID-gret-hn3p-5kbk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.87.1-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/nss@2:3.110-1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.110-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/nss@2:3.121-1?distro=trixie
purl	pkg:deb/debian/nss@2:3.121-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.121-1%3Fdistro=trixie

aliases CVE-2016-1978

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wut5-sqr6-mubd

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nss@2:3.21-1%3Fdistro=trixie

Package Instance