Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-h47s-xx3j-33eq

Summary Three vulnerabilities were reported in the Libevent library that allow for out-of-bounds reads and denial of service (DoS) attacks. These were fixed in the Libevent library and these changes were ported to Mozilla code.

Aliases

alias	CVE-2016-10196

Fixed_packages

url pkg:deb/debian/libevent@2.0.21-stable-2%2Bdeb8u1

purl pkg:deb/debian/libevent@2.0.21-stable-2%2Bdeb8u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-h47s-xx3j-33eq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libevent@2.0.21-stable-2%252Bdeb8u1

url	pkg:deb/debian/libevent@2.0.21-stable-3
purl	pkg:deb/debian/libevent@2.0.21-stable-3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libevent@2.0.21-stable-3

url	pkg:deb/debian/libevent@2.0.21-stable-3?distro=trixie
purl	pkg:deb/debian/libevent@2.0.21-stable-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libevent@2.0.21-stable-3%3Fdistro=trixie

url	pkg:deb/debian/libevent@2.1.12-stable-1?distro=trixie
purl	pkg:deb/debian/libevent@2.1.12-stable-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libevent@2.1.12-stable-1%3Fdistro=trixie

url	pkg:deb/debian/libevent@2.1.12-stable-8?distro=trixie
purl	pkg:deb/debian/libevent@2.1.12-stable-8?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libevent@2.1.12-stable-8%3Fdistro=trixie

url	pkg:deb/debian/libevent@2.1.12-stable-10?distro=trixie
purl	pkg:deb/debian/libevent@2.1.12-stable-10?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libevent@2.1.12-stable-10%3Fdistro=trixie

url	pkg:ebuild/dev-libs/libevent@2.1.7_rc
purl	pkg:ebuild/dev-libs/libevent@2.1.7_rc
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libevent@2.1.7_rc

Affected_packages

url pkg:deb/debian/libevent@1.0b-1.1

purl pkg:deb/debian/libevent@1.0b-1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-76bw-4hry-77bq

vulnerability	VCID-9mdg-1dc3-dueg

vulnerability	VCID-h47s-xx3j-33eq

vulnerability	VCID-mhtm-6myj-5yax

vulnerability	VCID-rhx2-e6nu-vyc9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libevent@1.0b-1.1

url pkg:deb/debian/libevent@1.1a-1

purl pkg:deb/debian/libevent@1.1a-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-76bw-4hry-77bq

vulnerability	VCID-9mdg-1dc3-dueg

vulnerability	VCID-h47s-xx3j-33eq

vulnerability	VCID-mhtm-6myj-5yax

vulnerability	VCID-rhx2-e6nu-vyc9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libevent@1.1a-1

url pkg:deb/debian/libevent@1.3e-3

purl pkg:deb/debian/libevent@1.3e-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-76bw-4hry-77bq

vulnerability	VCID-9mdg-1dc3-dueg

vulnerability	VCID-h47s-xx3j-33eq

vulnerability	VCID-mhtm-6myj-5yax

vulnerability	VCID-rhx2-e6nu-vyc9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libevent@1.3e-3

url pkg:deb/debian/libevent@1.4.13-stable-1

purl pkg:deb/debian/libevent@1.4.13-stable-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-76bw-4hry-77bq

vulnerability	VCID-9mdg-1dc3-dueg

vulnerability	VCID-h47s-xx3j-33eq

vulnerability	VCID-mhtm-6myj-5yax

vulnerability	VCID-rhx2-e6nu-vyc9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libevent@1.4.13-stable-1

url pkg:deb/debian/libevent@1.4.13-stable-1%2Bdeb6u1

purl pkg:deb/debian/libevent@1.4.13-stable-1%2Bdeb6u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-76bw-4hry-77bq

vulnerability	VCID-9mdg-1dc3-dueg

vulnerability	VCID-h47s-xx3j-33eq

vulnerability	VCID-mhtm-6myj-5yax

vulnerability	VCID-rhx2-e6nu-vyc9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libevent@1.4.13-stable-1%252Bdeb6u1

url pkg:deb/debian/libevent@2.0.19-stable-3%2Bdeb7u1

purl pkg:deb/debian/libevent@2.0.19-stable-3%2Bdeb7u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-76bw-4hry-77bq

vulnerability	VCID-h47s-xx3j-33eq

vulnerability	VCID-rhx2-e6nu-vyc9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libevent@2.0.19-stable-3%252Bdeb7u1

url pkg:deb/debian/libevent@2.0.21-stable-2

purl pkg:deb/debian/libevent@2.0.21-stable-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-76bw-4hry-77bq

vulnerability	VCID-h47s-xx3j-33eq

vulnerability	VCID-rhx2-e6nu-vyc9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libevent@2.0.21-stable-2

url pkg:deb/debian/libevent@2.0.21-stable-2%2Bdeb8u1

purl pkg:deb/debian/libevent@2.0.21-stable-2%2Bdeb8u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-h47s-xx3j-33eq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libevent@2.0.21-stable-2%252Bdeb8u1

url pkg:rpm/redhat/firefox@52.1.0-2?arch=el7_3

purl pkg:rpm/redhat/firefox@52.1.0-2?arch=el7_3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hmf-d9jw-eydf

vulnerability	VCID-1req-6w1u-h7gr

vulnerability	VCID-1zvx-n96g-5qgr

vulnerability	VCID-3478-tt6y-3yex

vulnerability	VCID-3e39-auan-xuhb

vulnerability	VCID-4yun-8ff6-xbad

vulnerability	VCID-5t1y-kt3x-83gn

vulnerability	VCID-6fqb-hquy-1kgw

vulnerability	VCID-6m3m-gcn8-hbbq

vulnerability	VCID-76bw-4hry-77bq

vulnerability	VCID-7ryr-d2hw-1yhm

vulnerability	VCID-7sz2-vy3r-jqe3

vulnerability	VCID-8ase-exn4-kuhr

vulnerability	VCID-8fd1-atnz-4ybe

vulnerability	VCID-8pew-ffs9-tkhb

vulnerability	VCID-9czz-bc1n-xkem

vulnerability	VCID-9smz-q33h-hbaw

vulnerability	VCID-aja9-emwk-xye3

vulnerability	VCID-bj6j-ar4j-3bgg

vulnerability	VCID-bqjp-jgr5-u7cb

vulnerability	VCID-d3nj-g2ka-tue2

vulnerability	VCID-fu4u-wn2z-gbgz

vulnerability	VCID-h47s-xx3j-33eq

vulnerability	VCID-h9hn-tr9w-4ubn

vulnerability	VCID-jthc-qw6t-53ff

vulnerability	VCID-nz3g-jdgj-5kfv

vulnerability	VCID-qkyq-4mv5-4qbd

vulnerability	VCID-r9pw-nv4t-xfcj

vulnerability	VCID-rhx2-e6nu-vyc9

vulnerability	VCID-suq2-kh6t-1fdg

vulnerability	VCID-u7h9-yevq-gqay

vulnerability	VCID-xjyr-mns2-wuck

vulnerability	VCID-zrj6-cf4r-wyak

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@52.1.0-2%3Farch=el7_3

url pkg:rpm/redhat/firefox@52.1.0-2?arch=el6_9

purl pkg:rpm/redhat/firefox@52.1.0-2?arch=el6_9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hmf-d9jw-eydf

vulnerability	VCID-1zvx-n96g-5qgr

vulnerability	VCID-3478-tt6y-3yex

vulnerability	VCID-3e39-auan-xuhb

vulnerability	VCID-4yun-8ff6-xbad

vulnerability	VCID-5t1y-kt3x-83gn

vulnerability	VCID-76bw-4hry-77bq

vulnerability	VCID-7sz2-vy3r-jqe3

vulnerability	VCID-8ase-exn4-kuhr

vulnerability	VCID-8fd1-atnz-4ybe

vulnerability	VCID-8pew-ffs9-tkhb

vulnerability	VCID-9czz-bc1n-xkem

vulnerability	VCID-9smz-q33h-hbaw

vulnerability	VCID-aja9-emwk-xye3

vulnerability	VCID-fu4u-wn2z-gbgz

vulnerability	VCID-h47s-xx3j-33eq

vulnerability	VCID-h9hn-tr9w-4ubn

vulnerability	VCID-jthc-qw6t-53ff

vulnerability	VCID-nz3g-jdgj-5kfv

vulnerability	VCID-qkyq-4mv5-4qbd

vulnerability	VCID-r9pw-nv4t-xfcj

vulnerability	VCID-rhx2-e6nu-vyc9

vulnerability	VCID-suq2-kh6t-1fdg

vulnerability	VCID-u7h9-yevq-gqay

vulnerability	VCID-xjyr-mns2-wuck

vulnerability	VCID-zrj6-cf4r-wyak

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@52.1.0-2%3Farch=el6_9

url pkg:rpm/redhat/thunderbird@52.1.0-1?arch=el6_9

purl pkg:rpm/redhat/thunderbird@52.1.0-1?arch=el6_9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hmf-d9jw-eydf

vulnerability	VCID-1req-6w1u-h7gr

vulnerability	VCID-1zvx-n96g-5qgr

vulnerability	VCID-3478-tt6y-3yex

vulnerability	VCID-3e39-auan-xuhb

vulnerability	VCID-4yun-8ff6-xbad

vulnerability	VCID-5t1y-kt3x-83gn

vulnerability	VCID-6fqb-hquy-1kgw

vulnerability	VCID-76bw-4hry-77bq

vulnerability	VCID-7sz2-vy3r-jqe3

vulnerability	VCID-8ase-exn4-kuhr

vulnerability	VCID-8fd1-atnz-4ybe

vulnerability	VCID-9czz-bc1n-xkem

vulnerability	VCID-9smz-q33h-hbaw

vulnerability	VCID-aja9-emwk-xye3

vulnerability	VCID-bj6j-ar4j-3bgg

vulnerability	VCID-d3nj-g2ka-tue2

vulnerability	VCID-fu4u-wn2z-gbgz

vulnerability	VCID-h47s-xx3j-33eq

vulnerability	VCID-h9hn-tr9w-4ubn

vulnerability	VCID-jthc-qw6t-53ff

vulnerability	VCID-nz3g-jdgj-5kfv

vulnerability	VCID-qkyq-4mv5-4qbd

vulnerability	VCID-r9pw-nv4t-xfcj

vulnerability	VCID-rhx2-e6nu-vyc9

vulnerability	VCID-suq2-kh6t-1fdg

vulnerability	VCID-u7h9-yevq-gqay

vulnerability	VCID-xjyr-mns2-wuck

vulnerability	VCID-zrj6-cf4r-wyak

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@52.1.0-1%3Farch=el6_9

url pkg:rpm/redhat/thunderbird@52.1.0-1?arch=el7_3

purl pkg:rpm/redhat/thunderbird@52.1.0-1?arch=el7_3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hmf-d9jw-eydf

vulnerability	VCID-1req-6w1u-h7gr

vulnerability	VCID-1zvx-n96g-5qgr

vulnerability	VCID-3478-tt6y-3yex

vulnerability	VCID-3e39-auan-xuhb

vulnerability	VCID-4yun-8ff6-xbad

vulnerability	VCID-5t1y-kt3x-83gn

vulnerability	VCID-6fqb-hquy-1kgw

vulnerability	VCID-76bw-4hry-77bq

vulnerability	VCID-7sz2-vy3r-jqe3

vulnerability	VCID-8ase-exn4-kuhr

vulnerability	VCID-8fd1-atnz-4ybe

vulnerability	VCID-9czz-bc1n-xkem

vulnerability	VCID-9smz-q33h-hbaw

vulnerability	VCID-aja9-emwk-xye3

vulnerability	VCID-bj6j-ar4j-3bgg

vulnerability	VCID-d3nj-g2ka-tue2

vulnerability	VCID-fu4u-wn2z-gbgz

vulnerability	VCID-h47s-xx3j-33eq

vulnerability	VCID-h9hn-tr9w-4ubn

vulnerability	VCID-jthc-qw6t-53ff

vulnerability	VCID-nz3g-jdgj-5kfv

vulnerability	VCID-qkyq-4mv5-4qbd

vulnerability	VCID-r9pw-nv4t-xfcj

vulnerability	VCID-rhx2-e6nu-vyc9

vulnerability	VCID-suq2-kh6t-1fdg

vulnerability	VCID-u7h9-yevq-gqay

vulnerability	VCID-xjyr-mns2-wuck

vulnerability	VCID-zrj6-cf4r-wyak

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@52.1.0-1%3Farch=el7_3

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10196.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10196.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-10196

reference_id

reference_type

scores

value	0.01697
scoring_system	epss
scoring_elements	0.82623
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-10196

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10195
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10195

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10196
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10196

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10197
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10197

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1418611
reference_id	1418611
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1418611

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854092
reference_id	854092
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854092

reference_url	https://security.gentoo.org/glsa/201705-01
reference_id	GLSA-201705-01
reference_type
scores
url	https://security.gentoo.org/glsa/201705-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-10

reference_id

mfsa2017-10

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-10

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-11

reference_id

mfsa2017-11

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-11

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-12

reference_id

mfsa2017-12

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-12

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-13

reference_id

mfsa2017-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-13

reference_url	https://access.redhat.com/errata/RHSA-2017:1104
reference_id	RHSA-2017:1104
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1104

reference_url	https://access.redhat.com/errata/RHSA-2017:1106
reference_id	RHSA-2017:1106
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1106

reference_url	https://access.redhat.com/errata/RHSA-2017:1201
reference_id	RHSA-2017:1201
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1201

Weaknesses

cwe_id	121
name	Stack-based Buffer Overflow
description	A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Exploits

Severity_range_score 7.5 - 10.0

Exploitability 0.5

Weighted_severity 9.0

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h47s-xx3j-33eq

Vulnerability Instance