Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-fqmm-499j-nyc3

Summary

Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.

Aliases

alias	CVE-2016-2830

Fixed_packages

url	pkg:deb/debian/firefox@48.0-1?distro=sid
purl	pkg:deb/debian/firefox@48.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@48.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox-esr@45.3.0esr-1?distro=trixie
purl	pkg:deb/debian/firefox-esr@45.3.0esr-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@45.3.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie

purl pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dw5-vpt8-zqbz

vulnerability	VCID-9ag7-z86d-nba9

vulnerability	VCID-qbzp-euvv-q7c7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie

purl pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dw5-vpt8-zqbz

vulnerability	VCID-9ag7-z86d-nba9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-qbzp-euvv-q7c7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.1esr-1%3Fdistro=trixie

url	pkg:ebuild/mail-client/thunderbird@45.6.0
purl	pkg:ebuild/mail-client/thunderbird@45.6.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@45.6.0

url	pkg:ebuild/mail-client/thunderbird-bin@45.6.0
purl	pkg:ebuild/mail-client/thunderbird-bin@45.6.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@45.6.0

url	pkg:ebuild/www-client/firefox@45.6.0
purl	pkg:ebuild/www-client/firefox@45.6.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@45.6.0

url	pkg:ebuild/www-client/firefox-bin@45.6.0
purl	pkg:ebuild/www-client/firefox-bin@45.6.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0

url	pkg:mozilla/Firefox@48.0.0
purl	pkg:mozilla/Firefox@48.0.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@48.0.0

url	pkg:mozilla/Firefox%20ESR@45.3.0
purl	pkg:mozilla/Firefox%20ESR@45.3.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@45.3.0

Affected_packages

url pkg:rpm/redhat/firefox@45.3.0-1?arch=el7_2

purl pkg:rpm/redhat/firefox@45.3.0-1?arch=el7_2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7kf6-5a92-hfhk

vulnerability	VCID-8dmy-qa26-rbha

vulnerability	VCID-8y7u-dhmg-j3ch

vulnerability	VCID-935y-sfuq-qqgh

vulnerability	VCID-b4dv-raac-tkf1

vulnerability	VCID-c2kz-qw3v-eqbz

vulnerability	VCID-d9z7-npfz-53a8

vulnerability	VCID-eh1p-amew-hydf

vulnerability	VCID-fqmm-499j-nyc3

vulnerability	VCID-mnar-hq2z-q7dc

vulnerability	VCID-sg3s-971c-c3fy

vulnerability	VCID-wgxa-54sd-rqd6

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@45.3.0-1%3Farch=el7_2

url pkg:rpm/redhat/firefox@45.3.0-1?arch=el6_8

purl pkg:rpm/redhat/firefox@45.3.0-1?arch=el6_8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7kf6-5a92-hfhk

vulnerability	VCID-8dmy-qa26-rbha

vulnerability	VCID-8y7u-dhmg-j3ch

vulnerability	VCID-935y-sfuq-qqgh

vulnerability	VCID-b4dv-raac-tkf1

vulnerability	VCID-c2kz-qw3v-eqbz

vulnerability	VCID-d9z7-npfz-53a8

vulnerability	VCID-eh1p-amew-hydf

vulnerability	VCID-fqmm-499j-nyc3

vulnerability	VCID-mnar-hq2z-q7dc

vulnerability	VCID-sg3s-971c-c3fy

vulnerability	VCID-wgxa-54sd-rqd6

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@45.3.0-1%3Farch=el6_8

url pkg:rpm/redhat/firefox@45.3.0-1?arch=el5_11

purl pkg:rpm/redhat/firefox@45.3.0-1?arch=el5_11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7kf6-5a92-hfhk

vulnerability	VCID-8dmy-qa26-rbha

vulnerability	VCID-8y7u-dhmg-j3ch

vulnerability	VCID-935y-sfuq-qqgh

vulnerability	VCID-b4dv-raac-tkf1

vulnerability	VCID-c2kz-qw3v-eqbz

vulnerability	VCID-d9z7-npfz-53a8

vulnerability	VCID-eh1p-amew-hydf

vulnerability	VCID-fqmm-499j-nyc3

vulnerability	VCID-mnar-hq2z-q7dc

vulnerability	VCID-sg3s-971c-c3fy

vulnerability	VCID-wgxa-54sd-rqd6

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@45.3.0-1%3Farch=el5_11

References

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1551.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1551.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2830.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2830.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2830

reference_id

reference_type

scores

value	0.00555
scoring_system	epss
scoring_elements	0.68053
published_at	2026-04-01T12:55:00Z

value	0.00555
scoring_system	epss
scoring_elements	0.68152
published_at	2026-04-16T12:55:00Z

value	0.00555
scoring_system	epss
scoring_elements	0.68137
published_at	2026-04-09T12:55:00Z

value	0.00555
scoring_system	epss
scoring_elements	0.68162
published_at	2026-04-11T12:55:00Z

value	0.00555
scoring_system	epss
scoring_elements	0.68148
published_at	2026-04-12T12:55:00Z

value	0.00555
scoring_system	epss
scoring_elements	0.68115
published_at	2026-04-13T12:55:00Z

value	0.00555
scoring_system	epss
scoring_elements	0.68075
published_at	2026-04-02T12:55:00Z

value	0.00555
scoring_system	epss
scoring_elements	0.68094
published_at	2026-04-04T12:55:00Z

value	0.00555
scoring_system	epss
scoring_elements	0.68071
published_at	2026-04-07T12:55:00Z

value	0.00555
scoring_system	epss
scoring_elements	0.68122
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2830

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1255270
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1255270

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.debian.org/security/2016/dsa-3640
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3640

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-63.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-63.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

reference_url	http://www.securityfocus.com/bid/92261
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/92261

reference_url	http://www.securitytracker.com/id/1036508
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1036508

reference_url	http://www.ubuntu.com/usn/USN-3044-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-3044-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1342897
reference_id	1342897
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1342897

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:45.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:45.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:45.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:45.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:::::::*

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2830
reference_id	CVE-2016-2830
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2830

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2830

reference_id

CVE-2016-2830

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2830

reference_url	https://security.gentoo.org/glsa/201701-15
reference_id	GLSA-201701-15
reference_type
scores
url	https://security.gentoo.org/glsa/201701-15

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-63

reference_id

mfsa2016-63

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-63

reference_url	https://access.redhat.com/errata/RHSA-2016:1551
reference_id	RHSA-2016:1551
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1551

reference_url	https://usn.ubuntu.com/3044-1/
reference_id	USN-3044-1
reference_type
scores
url	https://usn.ubuntu.com/3044-1/

Weaknesses

cwe_id	200
name	Exposure of Sensitive Information to an Unauthorized Actor
description	The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Exploits

Severity_range_score 4.3 - 8.9

Exploitability 0.5

Weighted_severity 8.0

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fqmm-499j-nyc3

Vulnerability Instance